Last Update Status: Updated April 2017

1. Overview: Stabilitas utilizes great care in keeping the information of the users of the Site (including customers) (“Users” or “You”) private and secure.

2. Purpose: This Privacy Policy demonstrates our firm’s commitment to maintaining the privacy of all data collected, describes the information we collect; how we use, disclose, and share that information; and how we protect the information. Capitalized terms not defined in this policy are defined in the End User Agreement

.3.Scope: This Privacy Policy applies only to the Services and does not apply to Third Party Services, which are governed by their own privacy policies. If your organization uses the mass notification feature, Stabilitas may rely on third parties to transmit emergency messages to you. For example, Stabilitas may deliver a notification via SMS text or voice call by transmitting the message, including your mobile phone number, via an API managed by a third party. Stabilitas is potentially liable for onward transfers to third parties of personal data of EU individuals received pursuant to Privacy Shield.

4. Stabilitas and the EU­‐U.S. Privacy Shield Stabilitas complies with the EU-­‐U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. Stabilitas has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/ In compliance with the Privacy Shield Principles, Stabilitas commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Private Shield policy should first contact Stabilitas at: (202) 683-­‐7760 or info@stabilitas.io. Stabilitas has further committed to cooperate with EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the EU DPAs for more information or to file a complaint. The services of EU DPAs are provided at no cost to you. Further, Stabilitas is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). Under certain conditions an individual can invoke binding arbitration. Under certain circumstances, Stabilitas may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

5. Individual Rights and Choices: You have the right to access your own personal data. For questions, or access, please contact us at (202) 683-­‐7760 or info@stabilitas.io. As a Stabilitas user, you have the choice and ability to limit the use and disclosure of your personal data. If using the Stabilitas mobile application, you may choose not to "ping" location data by toggling this on or off on the mobile app. Secondly, should you choose to ping your location data, you may choose to randomize your location, described below. You may also request to be un-­‐enrolled from the emergency notification system by contacting us at (202) 683-­‐7760 or info@stabilitas.io.

6. Policy: This Privacy Policy sets out how Stabilitas (“we” or “us”) collects, uses and stores personal information about you, your customer, employee and/or end user (“you” or “your”).1.What personal information do we collect, and how do we use that personal information?

1.1. In order for us to supply services to you, we need to collect certain personal information about you. As of March 2017, this information primarily includes your name, email address, title, and mobile number.In the future, this personal information may expand to include your address, occupation, gender, date of birth, travel details, personal preferences, hobbies and interests, travel documents such as passport and visa information, other types of personal information to assist you with your travel arrangements and opportunities at your current location, and details of your use of our services (which may include details of messages you have sent and received and of other types of communication you use). Collected information may also include your location, via the mobile application. The mobile application includes options for mobile users to:•Share their geographic location, for obscured display (“ghosting”), with teammates at the same account, and with Security Managers or Travel Managers.•Share their geographic location, for non-­‐obscured display (with the same people).•Not share their geographic location.We use the term “obscured” or “ghosting” to mean the following:•the mobile user’s geographic location is collected by the smart phone’s GPS and•the Stabilitas mobile application periodically collects the geographic location coordinates and sends this information to the Stabilitas server and•if the “ghosting” feature is toggled on by the mobile user, the mobile user’s geographic location is displayed randomly, within a 10km radius of the actual location collected by the GPS.In a crisis, as defined by the Organizational Security Team or Travel Team, the Organizational Security or Travel Team may “disable” ghosting. If ghosting is disabled, the mobile user is notified through the mobile application.

1.2. As our services expand, we may collect personal information in a range of ways, including:(a)when you provide it directly to us;(b)from your employer;(c)from third party service providers;(d)from publicly available sources;(e)from our records of your use of the service; and(f)when we are required to do so by law, for example, when we are required to verify your identity from certain documents before supplying a service to you.

1.3. Where you provide the personal information of a third party (for example your employee or customer) you:(a)warrant that the third party has authorized our collection of the information from you; and(b)are responsible for ensuring that they are aware of the content of our privacy policy.

2. Purposes for which we collect, use, and disclose personal information

2.1. We collect personal information to supply our services to you, or for related purposes, such as:(a)providing you with security updates and alerts about the geographic area you are in, or are traveling to.(b)facilitating your assistance, should you need it.(c)conducting market research;(d)administering your use of our services;(e)business planning and product development;(f)reviewing and improving our services;(g)responding to your questions or suggestions;(j) receiving professional advice, such as legal or financial advice; and(k)doing anything we are required to do by law or on the direction of a relevant authority, including to assist in connection with legal proceedings, crime or fraud protection, detection and prosecution;

2.2. We may disclose your personal information to:(a)third parties that provide services to us or through our networks;(b)our service providers, partners and third party suppliers;(c)our related companies; and(d)information technology service providers responsible for our communication networks.

2.3. If you do not provide your personal information to us, we may be unable to supply some or all of our services to you.

2.4. If you choose to follow up on an offer provided to you, the party offering the goods or services may have different privacy practices to those set out in this privacy policy. Please review the privacy policies of any such parties if you have any concerns.

3. SecurityWe will take all reasonable precautions to protect your personal information from loss, misuse, unauthorised access, modification or disclosure.We will also take reasonable steps to destroy or de-­identify personal information when it is no longer required.

4. Trans-­‐border data flowsWe may transmit personal information outside the U.S. if we consider it is appropriate to do so to most efficiently supply our services to you.By providing your personal information to us you consent to such transfer.

5. Finding out about the personal information held by usWe will always try to keep personal information we collect, use and retain about you accurate and up-­‐ to-­‐date. You may contact us at info@stabilitas.io to find out about the information we hold about you, and we will provide that information to you (provided we are permitted by law to do so).In some circumstances, pending the frequency of the request and the effort required to retrieve the information, we may charge you a reasonable fee for providing this information.If there are any errors in the personal information we hold about you, or if you tell us that any of your personal information has changed, we will correct and update the information we hold about you.