Assetflo, Visibility Everywhere

INTRODUCTION

Assetflo Inc. (“us”, “we”, or “our”) operates the Assetflo.io domain (the “Service”). For this Policy, Assetflo Inc. We understand the importance of privacy, data protection, and security. We take your privacy seriously and are committed to safeguarding your data. This Privacy Policy (“Policy”) informs you how Assetflo collects, processes, transfers and protects personal data. In this Policy, “personal data” means any information which, on its own or combined with other information, relates to and identifies (directly or indirectly) a living individual. Assetflo and AssetView are registered trademarks of Assetflo Inc. All rights reserved.

SCOPE

This Policy applies to all Assetflo websites, domains, services, applications, and products. This Policy does not apply to third-party applications, websites, products, services or platforms that may be accessed through (non assetflo.io) links that we may provide to you. These sites are owned and operated independently from us and have separate privacy and data collection practices. The third party’s privacy policy will govern any personal data you provide to these websites. We cannot accept liability for the actions or policies of these independent sites, and we are not responsible for the content or privacy practices of such sites.

PROCESSING ACTIVITIES

This Policy applies when you interact with us by doing any of the following: make use of our application and services as an authorised user; visit any of our websites that link to this Privacy Statement; visit any of our branded social media pages; visit our physical offices; attend any of our branded or sponsored events; and receive any communication from us including newsletters, emails, calls, or texts.

Personal Data We Collect Includes:
• Account information such as your name, company, email address, and password.

Note that we do not request, gather, or store the following information:
• Payment information such as your billing address, credit card, debit card or other payment method.
• Special category and sensitive data such as health, ethnicity, or religious information.
• Other information, such as your occupation, employment details, or residential address.

Suppose you provide us, or our service providers, with any personal data relating to other individuals. In that case, you represent that you have the authority to do so and acknowledge that it will be used per this Privacy Statement. If you believe that your data has been provided to us improperly or to exercise otherwise your rights relating to your data, please get in touch with us by using the information set out in the “Contact Us” section below.

Device and Usage Data
When you visit an Assetflo website, we automatically collect and store information about your visit using browser cookies (files we send to your computer) or similar technology. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. The Help feature on most browsers provides information on how to accept cookies, disable cookies, or notify you when you receive a new cookie. If you do not accept cookies, you may not be able to use some features of our Service and we recommend that you leave them turned on. We also process information when you use our services. This information includes IP addresses, login information, device IDs, time stamps, authentication records, location information, and other operational data.

Data We Collect From Third Parties
We may receive your data from third parties, such as companies subscribing to Assetflo services, partners and other sources. This information is not collected by us but by a third party and is subject to the relevant third party’s own separate privacy and data collection policies. We do not have any control or input on how third parties handle your data. As always, you have the right to review and rectify this information. If you have any questions, you should first contact the relevant third party for further information about your personal data. Where that third party is unresponsive to your rights, you may contact the Data Protection Officer of Assetflo, and we can assist you.

Purpose and Legal Basis for the Processing of Personal Data
We collect and use personal data about you with your consent to provide, maintain, and develop our products and services and understand how to improve them.

Build a Safe and Secure Environment
• Verify or authenticate your identity
• Investigate and prevent security incidents such as breaches, attacks and hacks.

Provide, Develop, and Improve our Products and Services
• Deliver, maintain, debug and improve our products and services.
• Enable you to access AssetView services and set up accounts.
• Provide cloud services to enable the user and administrator to access, activate, administer, and monitor AssetView branded locks, lock controllers, and other IoT solutions.
• Provide you with technical and customer support.

Organize and Deliver Advertising and Marketing
• Aggregate your information in an anonymized form to generate usage statistics.
• Send you newsletters and other marketing communications about current and future products, programs and services, events, competitions, surveys and promotions held by us or hosted on our behalf; and
• Organize events or register attendees and schedule meetings for events.

We process your data to provide a product or service because it is necessary to perform contractual obligations. All of the above processing is necessary in our legitimate interests to provide products and services, maintain our relationship with you, and protect our business, for example, against fraud. Consent will be required to initiate services with you. New consent will be required if any changes are made to the type of data collected. Within our contract, if you fail to provide consent, some services may not be available to you.

International Data Transfer and Storage
Where possible, we store and process data on servers in your general geographical region. Note that this may not be within the country in which you reside. Specifically, for European-based companies, we have servers in the European Economic Area (EEA). However, your data may also be transferred to and maintained on servers residing outside of your state, province, country or other governmental jurisdiction where the data laws may differ from those in your jurisdiction. We will take appropriate steps to ensure that your data is treated securely and under this Privacy Policy and applicable data protection law. We will enter into EU standard contractual clauses (or equivalent measures) with parties outside the EEA and ensure adequate controls are in place for the security of your data.

Sharing and Disclosure
We will share your data with third parties only in the ways set out in this Policy or set out at the point when the personal data is collected. We consider your data a vital part of our relationship with you. We do not sell your data to third parties, including third-party advertisers.

Legal Requirement
We may use or disclose your personal data in order to comply with a legal obligation, in connection with a request from a public or government authority, or in connection with court or tribunal proceedings, to prevent loss of life or injury, or to protect our rights or property. Where possible and practical to do so, we will tell you in advance of such disclosure.

Service Providers and Other Third Parties
We may use a third-party service provider, independent contractors, agencies, or consultants to deliver and help us improve our products and services. Service providers may be within or located outside the EEA. We may share your data with marketing agencies, database service providers, backup and disaster recovery service providers, email service providers and others but only to maintain and improve our products and services. For further information on the recipients of your Personal Data, please get in touch with us at privacy@assetflo.com

Data Aggregation and Analytics
We may collate your personal data you provide to us or we collect and use it anonymously for analytics, benchmarking, and to effectively monitor our service and improve your user experience.

Merger or Acquisition
If we are involved in a merger, acquisition or asset sale, your personal information may be transferred. We will provide notice before your personal information is transferred and becomes subject to a different Privacy Policy. Under certain circumstances, we may be required to disclose your personal information if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Security
If we are involved in a merger, acquisition or asset sale, your personal information may be transferred. We will provide notice before your personal information is transferred and becomes subject to a different Privacy Policy. Under certain circumstances, we may be required to disclose your personal information if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Security
We continuously implement and enhance our technical and organizational security protocols to safeguard against the loss, misuse, or unauthorized modification of personal data collected or received from third parties. In accordance with applicable laws, Assetflo reserves the right to review, scan, or analyze communications for purposes such as fraud detection, investigations, regulatory compliance, risk management, research, product development, and customer support.

Our data transfer mechanisms utilize industry-standard encryption technologies, and we employ network access control measures to restrict access to systems where personal data is stored. We actively monitor our systems for vulnerabilities and potential attacks.

If you identify any breaches in the security of personal data under our custody or that of our third-party service providers, we urge you to reach out to us following the contact guidelines specified in the Contact section above.

Retention & Deletion
We will only retain your personal data for as long as necessary for the purpose for which it was collected and to the extent required by applicable law. When we no longer need it, we will remove it from our systems and/or anonymize it.

Children’s Privacy
We will not knowingly collect personal data from children under the age of 16 years.

Your Rights for Your Personal Data
Depending on your geographical location and citizenship, your rights are subject to local data privacy regulations. These rights may include:

Right to Access (GDPR Article 15, PIPEDA, LGPD, CCPA). You have the right to request a copy of the personal data we are processing about you.

Right to Rectification (GDPR Article 16, PIPEDA, LGPD). You have the right to have incomplete or inaccurate personal data that we process about you rectified.

Right to be Forgotten (right to erasure) (GDPR Article 17, LGPD, CCPA). You have the right to request that we delete personal data that we process about you, except we are not obliged to do so if we need to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims.

Right to Restriction of Processing (GDPR Article 18, LGPD). You have the right to restrict our processing of your personal data where you believe such data to be inaccurate; our processing is unlawful; or if we no longer need to process such data for a particular purpose unless we are not able to delete the data due to a legal or other obligation or because you do not wish us to delete it.

Right to Portability (GDPR Article 20, PIPEDA, LGPD). You have the right to obtain personal data we hold about you, in a structured, electronic format, and to transmit such data to another data controller, where this is (a) personal data which you have provided to us, and (b) if we are processing that data on the basis of your consent or to perform a contract with you or the third-party that subscribes to Assetflo services.

Right to Objection (GDPR Article 21, LDPD). Where the legal justification for our processing of your personal data is our legitimate interest, you have the right to object to such processing on grounds relating to your particular situation. We will abide by your request unless we have compelling legitimate grounds for processing which override your interests and rights, or if we need to continue to process the data for the establishment, exercise or defense of a legal claim.

Right Not to Be Discriminated (CCPA). You have the right not to be denied service or have an altered experience based on having executed any of your CCPA rights.

Withdrawing Consent
If you have consented to our processing of your personal data, you have the right to withdraw your consent at any time, free of charge, such as where you wish to opt out from marketing messages that you receive from us. If you wish to withdraw your consent, please contact us at privacy@assetflo.com.

Your Right to Your Data held by a Assetflo Customer
The nature of our products and services results in companies managing the software for use with their employees and contractors. In this scenario, we act as a processor on behalf of our customer (and/or its affiliates), who becomes the responsible controller. We are not responsible for and have no control over the data privacy and security practices of our customers, including breaches, which may differ from this Privacy Policy. As we do not have direct access to customer-controlled data, if you would like to exercise your rights with respect to the data controlled by our customer, please inquire with the customer directly.

How to Exercise Your Rights
You can make a request to exercise any of these rights in relation to your personal data by sending the request by mail to the Data Protection Officer of Assetflo, 9105 Derry Road, #2, Milton, ON, L9T 7Y9, Canada or email to privacy@assetflo.com. For your own privacy and security, at our discretion, we may require you to prove your identity before providing the requested information.

Changes
We may modify this Policy at any time. If we do, we will post an updated version on our website at www.assetflo.com. When using our services, you will be asked to review and accept our Privacy Policy. In this manner, we may record your acceptance and notify you of any future changes to this Policy.

Contact Us
To contact us, please email privacy@assetflo.com or write to us at: Data Protection Officer of Assetflo Inc., 9105 Derry Road, #2, Milton, ON, L9T 7Y9, Canada

Complaints
If you have a complaint about this Policy or any element of your personal information that we hold then please contact us at the above address. If you are not satisfied, then you have the right to lodge a complaint with the local data protection authority. If you are based in the EEA, please visit the following website for a list of local data protection authorities: https://edpb.europa.eu/about-edpb/board/members_en

Last Updated: This Agreement was last revised on March 9, 2025.