‌INTRODUCTION

1. Act! is headquartered at 8800 N. Gainey Center Drive, Suite 250, Scottsdale, Arizona 85258 USA, together with its subsidiaries and affiliates listed in Annex 1. The relevant Act! entity (collectively, "Act!","we","our" or "us") collects information from and about you (a website visitor or an employee of a corporate client) via:

   1. our website(s),

   2. email and communications with you,

   3. mobile and desktop application that you download from the website ("Applications"), and

   4. other sources, including when you respond to advertising which results in you submitting information directly to us

   5. (collectively, the "Services").

2. This Privacy Policy (the "Policy") describes how we collect, use, share or otherwise process your Personal Data, and what your rights are with respect thereto. This Policy applies with respect to this website and to other Act! website(s) and applications where this Privacy Policy is posted.

3. This Privacy Policy does not cover data that our customers store in our products and Services ("Product Stored Data"), for example Act! Premium, Act! CRM, Act! CRM Classic, Act! Emarketing and other related apps or solutions. Because our customers determine how we should process Product Stored Data on your behalf, they are ‘controllers’ of Product Stored Data and we are a ‘data processor’ in relation to same. Each customer is responsible for ensuring that Product Stored Data has been collected and transferred to us in accordance with applicable data protection laws, and each Customer’s own policy and procedures will apply to its Product Stored Data.

4. This Policy does not apply to job applicants or Act! employees.

5. Please note that Parts I and II of our Global Privacy Policy apply generally, regardless of where you are located and which data protection laws apply. The country-specific provisions contained in Parts III through VI may also apply to you, if relevant. In the event of a conflict or inconsistency between the generally applicable provisions of this Policy and the country-specific provisions that apply to you, the country-specific provisions of Parts III, IV, V or VI shall take precedence over the relevant provisions of Parts I and II.

‌SOURCES OF PERSONAL DATA

Personal Data is any information relating to a directly or indirectly identified or identifiable natural person, or as otherwise defined under applicable privacy laws in your jurisdiction, (to the extent such laws apply to us) ("Personal Data"). When you visit our website(s) or use our Services, we collect Personal Data. We collect Personal Data actively and automatically as follows.

1. Personal Data you actively provide to us. When you visit or use some parts of our website(s) and/or Services we might ask you to provide Personal Data to us. For example, we ask for your contact information when you sign up for a free trial. In some cases, we will need Personal Data to provide you with access to certain parts of the website(s) or the Services that you have subscribed to and we will let you know what information is mandatory. In other cases, it may be optional to provide the information and we will signpost that, where appropriate.

2. Information we collect automatically. We collect some information about you automatically when you visit our website(s) or use our Services, in compliance with applicable data protection laws. We also collect information when you browse our website(s), including what pages you looked at and what links you clicked on. We collect your Personal Data automatically and in accordance with local applicable data protection laws because it helps us get a better understanding of how you’re using our website(s) so that we can continue to provide you with the best experience possible (for example by personalizing the content you see and editing our content to be more interesting).

3. Information we get from third parties. In certain circumstances, we may obtain from third parties information about pages you visited before and after your use of website(s), in accordance with applicable data protection laws. This is usually when you have consented to such collection and sharing of data with one of our third party advertising partners, like Google. For further information, please see our cookie policy.

‌CATEGORIES OF PERSONAL DATA WE MAY COLLECT

The Personal Data we collect on or through our Services may include:

1. Identity Data includes first name, last name, username or similar identifier, employment information including company name and title and industry.

2. Contact Data includes billing address, delivery address, email address, telephone numbers and copies of your correspondence with us.

3. Financial Data includes bank account number and payment card details.

4. Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us and the fulfilment of such orders.

5. Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.

6. Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback, survey and research responses and other categories of Personal Data that you submit through our website(s).

7. Usage Data includes information about how you use our website(s), including if you report a problem with the website(s), products and services. It also includes information about how you use our products and services, for example, to check for obsolescence by tracking installed products, product versions and features.

8. Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

‌PURPOSES OF PROCESSING YOUR PERSONAL DATA

We use your Personal Data in a number of ways, as described below.

1. To operate our website(s), to register you as a user and to respond to enquiries received through the website(s).

2. To provide our Applications and products, including:

   1. To administer and protect our business and the Applications (including troubleshooting, data analysis, testing, system maintenance, support, obsolescence, reporting and hosting of data).

3. To manage our relationship with you, including:

   1. To provide technical support issues or other issues relating to our products, website(s) or Services, whether by email, in-app support or otherwise.

   2. To:

      1. Manage payments, fees and charges; and

      2. Collect and recover money owed to us.

   3. To provide you with notices about your account, including expiration and renewal notices.

   4. To manage after sale services, including the handling of any complaints.

   5. To enhance our products, website(s) and Services and develop new ones. For example, by analyzing your use of website(s) and Services so we can keep improving, or by carrying out technical analysis of our products, website(s) and

      Services so that we can optimize your user experience and continually improve our products, website(s) and Services.

   6. To market our products and services to you, subject to applicable legislation. In addition to sending you marketing communications, we may also use your Personal Data to display targeted advertising to you online – through our own website(s) and Services or through third party website(s) and their platforms.

   7. To send you marketing or sales communications (about our own products and Services, and sometimes those of others which are complementary to our own) in accordance with applicable local laws.

   8. To analyze, aggregate and report. We may use the Personal Data we collect about you and other users of our website(s) and Services (whether obtained directly or from third parties) to produce aggregated and anonymized analytics and reports, which we may share publicly or with third parties.

   9. To provide you with information you’ve requested from us (like training or education materials) or information we are required to send to you operational communications, like changes to our website(s), products and Services, security updates, or assistance with using our products, website(s) and Services.

   10. To enable you to partake in a prize draw, competition or complete a survey (which we may engage a third-party to assist us with).

4. To complete all corporate transaction where we might sell, transfer or merge parts of our business or assets, or to negotiate such a transaction, which may include preparing a virtual data room prior to any sale, transfer or merger;

5. To respond to any comments, claims, complaints or queries and to respond to legal processes, including pursuing our legal rights and remedies, investigating, preparing for and defending litigation and managing and conducting any internal investigations.

6. To protect against misuse. So that we can detect and prevent any fraudulent or malicious activity, or other misuse of our website(s) and Services, and make sure that everyone is using our website(s) fairly and in accordance with our terms of use

‌DISCLOSURE OF YOUR PERSONAL DATA

We may share your Personal Data with the categories of recipients described below.

1. ‌Intra-Group

   We share your Personal Data among Act! Entities (listed in Annex 1) in order to operate the website(s) and provide you with the Services.

2. ‌Service Providers

   ‌We may provide Personal Data to our vendors, suppliers, and other business partners to enable them to provide you with Act! products or Services. The service providers are bound by law and/or contract to protect the confidentiality and security of Personal Data and to only use Personal Data to provide requested Services to Act! in accordance with applicable privacy and data protection laws.

3. For Legal, Security or Safety Purposes

   We will also provide your Personal Data to government agencies, courts or other third parties where it is necessary to comply with applicable local laws or regulations, or to exercise, establish or defend our legal rights. If permitted by applicable local laws or regulations, we will notify you of this type of disclosure.

4. ‌In Connection with Corporate Transactions

   In the context of a sale, merger, reorganization or amalgamation of all or part of our business or the insurance of securitization of our assets, we may disclose Personal Data related to our provision of the Services to buyers, their lawyers or professional advisors, courts, tribunals, opposing or other related parties to the proceedings and their professional advisors, where needed to affect the sale or transfer of business assets, to enforce our rights and to protect our property, assets or safety of others.

5. ‌Gmail integration: Use of information received from Gmail APIs will adhere to Google’s Limited Use Requirements:

   If you are an Act! subscriber, you (or your employees if you are a company) will be able to integrate your gmail account with the Application in order to facilitate communications with your business contacts. If you choose to integrate your gmail account with the Application, the following information will be relevant to you:

   1. Limits on Use of Your Google User Data:

      1. Notwithstanding any other provision of this Privacy Policy, if you provide the Application access to your Google data, the Application’s use of that data will be subject to these additional restrictions:

      2. The Application will only use access to read, write, modify or control Gmail message bodies (including attachments), metadata, headers, and settings to provide a web email client that allows users to compose, send, read, and process emails and will not transfer this Gmail data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.

      3. The Application will not use this Gmail data for serving advertisements.

      4. The Application will not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes such as investigating abuse, compliance with applicable law, or for the Application’s internal operations and even then only when the data have been aggregated and anonymized.

      5. The Application’s use, and transfer to any other app, of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

SECURITY

We maintain reasonable security procedures and technical and organizational measures to protect your Personal Data against accidental or unlawful destruction, loss, disclosure, alteration, or use. For example, we comply with Service Organization Controls Type 2 standards to manage and secure Personal Data.

‌RETENTION

We retain Personal Data only for as long as necessary to fulfill the stated purposes for which the Personal Data was collected or otherwise processed, including for the purposes of fulfilling our agreements with customers or vendors, marketing and customer relations, satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your Personal Data for a longer period if we reasonably believe there is a prospect of litigation in respect to your Personal Data.

To determine the appropriate retention period for Personal Data, it is our policy to consider the amount, nature and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

‌COOKIES AND OTHER TRACKING TOOLS

Act! may set and access cookies and other tracking technologies on your computer. For more information, please use the following links to access our cookie policy:

Dutch: https://www.act.com/nl-nl/cookiebeleid

French: https://www.act.com/fr-fr/politique-relative-aux-cookies

English: https://www.act.com/en-uk/cookie-policy

German: https://www.act.com/de-de/cookie-richtlinien

‌ANTI-SPAM

We do not spam, and our policies forbid use of our Services for spam. You may also want to read our Anti-Spam Policy.

‌CONTACT DETAILS

You may direct questions about our processing of your Personal Data or exercise your rights in relation to your Personal Data by sending an e-mail to privacy@act.com. The postal addresses for each Act! Entity are set out in Annex 1 to this notice.

‌UPDATING US

It is important that the Personal Data we hold about you is accurate and current. Please keep us informed if your Personal Data changes during your relationship with us.

‌THIRD-PARTY LINKS

This website may include links to third-party website(s), plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party website(s) and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

‌AMENDMENTS

Act! may update this Policy from time to time, but we will not reduce your rights. Please check this Policy periodically for updates. When required, we will post any changes to this Policy on this website.

‌ADDITIONAL INFORMATION FOR INDIVIDUALS RESIDING IN THE EU/EEA/UK

For users or visitors based in the EU/EEA/UK, Act! Software Limited is the controller for this website (contact details can be found in Annex 1) and for certain aspects of the Services. In some cases, we may provide additional data privacy notices specific to certain products or Services, which will be posted on our website if applicable. Those terms are to be read in conjunction with this Policy.

1. ‌Data Protection Rights

   You may exercise the following rights regarding your Personal Data, if you are visiting our website from the EU/EEA/UK.

   You have rights to make a request to us:

   • for access to your Personal Data.

   • for rectification or erasure of your Personal Data.

   • for restriction of processing concerning you.

   • to object to direct marketing (including related profiling).

   • to port your Personal Data which you have provided to us, either to you or to another provider in a structured, commonly used and machine readable format.

   You also have the right to object to our processing which is based on legitimate interest.

   You have the right to withdraw any consent you give us at any time. This will not affect the legality of our consent-based use before you withdrew consent.

   You can exercise those rights to the extent permitted by applicable laws.

   You can exercise these rights and ask questions about the processing of your Personal Data by email to privacy@act.com. You also have the right to make a complaint to the competent supervisory authority of your country of residence or to the competent supervisory authority for Act! in the EU/EEA/UK about the processing of your Personal Data.

2. ‌Legal Basis

   Where we collect Personal Data, we’ll process it as follows:

   Purpose/Activity	Type of data	Lawful basis for processing
   To operate our website
   (a) To register you (or your employer) as a customer (b) To sign you up for a free tria	(a) Identity (b) Contact	Legitimate interest (to perform the Services)
   To operate our website(s) and to respond to any enquiries received through our website(s)	(a) Identity (b) Contact	Legitimate interest (business development)
   To provide our other Services Applications and products
   To administer and protect our business and the Applications (including troubleshooting, data analysis, testing, system maintenance, support, obsolescence, reporting and hosting of data).	(a) Identity (b) Contact (c) Technical (d) Usage	Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise) Necessary to comply with a legal obligation Consent
   To manage our relationship with you
   To: (a) Manage payments, fees and charges (b) Collect and recover money owed to us	(a) Identity (b) Contact (c) Financial (d) Transaction (e) Marketing and Communications	Necessary for our legitimate interests (to manage your account and to recover debts due to us)
   To: (a) provide you with notices about your account, including expiration and renewal notices. (b) manage after-sale services, including the handling of any complaints.	(a) Identity (b) Contact (c) Profile (d) Marketing and Communications	Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
   To enable you to partake in a prize draw, competition, or complete a survey (which we may engage a third-party to assist us with)	(a) Identity (b) Contact (c) Profile (d) Usage (e) Marketing and Communications	Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business)
   To provide you with information you’ve requested from us (like training or education materials) or information we are required to send to you operational communications, like changes to our website(s), products and Services, security updates, or assistance with using our products, website(s) and Services.	(a) Identity (b) Contact (c) Marketing and Communications	Necessary for our legitimate interests (to provide the Services)
   To advertise to you. In addition to sending you marketing communications, we may also use your Personal Data to display targeted advertising to you online – through our own website(s) and Services or through third party website(s) and their platforms.	(a) Identity (b) Contact (c) Profile (d) Usage (e) Marketing and Communications (f) Technical	Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)
   To analyze, aggregate and report. We may use the Personal Data we collect about you and other users of our website(s) and Services (whether obtained directly or from third parties) to produce aggregated and anonymized analytics and reports, which we may share publicly or with third parties.	(a) Technical (b) Usage	Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
   To protect against misuse. So that we can detect and prevent any fraudulent or malicious activity, or other misuse of our website(s) and Services, and make sure that everyone is using our website(s) fairly and in accordance with our terms of use.	(a) Identity (b) Contact (c) Technical	Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise) Necessary to comply with a legal obligation

   In some cases, we will need Personal Data to provide you the Services you are subscribing to and we will let you know what information is mandatory. In other cases, it may be optional to provide the information. If we don’t collect your Personal Data, we may be unable to provide you with all our Services, and some functions and features on our website(s) may not be available to you.

   Act! does not conduct any automated-decision making.

3. ‌Marketing

   We strive to provide you with choices regarding certain Personal Data uses, particularly around marketing and advertising.

   1. Promotional offers from us

      We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).

      You will receive sales and marketing communications from us if you have opted- in to receive sales/marketing communication, or where you have requested information from us or purchased goods and/or services from us and you have not opted out of receiving that marketing, in accordance with applicable local laws.

   2. Opting out

      In addition, if you receive email through the Act! emarketing service and wish to opt-out, simply click the "Leave this list"link in the footer of the email.

      If you receive an SMS from Act! and wish to opt-out simply reply to the message with "Stop"in the message body.

      Please allow 10 business days to be removed from the promotional email list.

      Where you opt out of receiving these marketing messages, this will not apply to Personal Data provided to us as a result of a product/service purchase, product/service experience or other transactions.

4. ‌International transfers of Personal Data

   Act! Has entered into an intra-group agreement based on the EU Standard Contractual Clauses for the sharing of business contact data.

   If we export to third-parties outside the EU/EEA/UK, we will ensure that adequate safeguards are in place, for example:

   • By transferring your Personal Data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission or Information Commissioner’s Office;

   • Where we use certain service providers, by putting in place specific contract terms approved for use in the EU/EEA/UK, known as the Standard Contractual Clauses; or

   • In certain circumstances, by relying on an exception (derogation) under the GDPR to transfer Personal Data outside of the EU/EEA/UK.

     For further information about the protection of personal data that was collected, used or retained under the EU/UK-U.S. Privacy Shield framework, please see section 14.4(a) below. If you are based outside the UK (excluding the Americas and Oceania) we may share your Personal Data with one of our Act! Certified Consultants – these are identified by country on our relevant web page – click on the ‘Global Partner Network’ tab in the top menu bar of our website.

     1. EU-U.S. Privacy Shield Frameworks

        Act! now relies on the Standard Contractual Clauses to transfer Personal Data outside of the EU/EEA/UK. Although Act! no longer relies on the EU/UK-U.S. Privacy Shield as a transfer mechanism to legitimize transfers of Personal Data from the EU or the UK, we commit to adhere to, and have certified to the Department of Commerce that we adhere to, the Privacy Shield Principles with respect to EU and UK Personal Data that has been transmitted to, processed and retained by Act! pursuant to the Privacy Shield framework.

        To learn more about the Privacy Shield, and to view Act!’s certification, please visit https://www.privacyshield.gov and https://www.privacyshield.gov/list, respectively.

        1. Revoking or Limiting Consent and Opting Out

           With respect to Personal Data transferred in reliance on the Privacy Shield, you may also have the right to opt out of having your Personal Data shared with third parties, and you may revoke your consent that you have previously provided for us to share your Personal Data with third parties, except as required by law. You also have the right to opt out if your Personal Data is used for any purpose that is materially different from, but nevertheless compatible with the purpose(s) for which it was originally collected or subsequently authorized by you. To do this, you may send your request to by contacting us using the information in the Act! Contact Information section of this privacy policy.

        2. Dispute Resolution

           Where a privacy complaint or dispute cannot be resolved through our internal processes, Act! has agreed to participate in the VeraSafe Shield Dispute Resolution Procedure. Subject to the terms of the VeraSafe Privacy Shield Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe and participate in the VeraSafe Privacy Shield Dispute Resolution Procedure, please submit the required information here: https://www.verasafe.com/privacy-services/dispute-resolution/submit-dispute/

        3. Binding Arbitration

           If your dispute or complaint can’t be resolved by us, nor through the dispute resolution program established by VeraSafe, you may have the right to require that we enter into binding arbitration with you pursuant to the Privacy Shield’s Recourse, Enforcement and Liability Principle and Annex I of the Privacy Shield.

        4. Regulatory Oversight

           Act! is subject to the investigatory and enforcement powers of the United States Federal Trade Commission

     2. ‌Contact:

        Please contact us at privacy@act.com if you want to receive further information or, where available, a copy of the relevant data transfer mechanism.

5. ‌Retention of Personal Data

   The period for which we will store Personal Data is based on our need to fulfil our legitimate business needs, comply with applicable law, resolve disputes, and enforce our agreements. If you (or the company/organization you represent) becomes a customer of Act!, typically we will process your Personal Data for up to 6 years after the date of last purchase at which point we will destroy it. If you (or your company/organization) does not become a customer, typically we will process it for up to one year before we destroy it or delete your Personal Data from the contact details of the relevant account records we hold for your company/organization.

   If you would like further information about specific retention periods, please contact us using the contact details in Annex 1.

6. ‌Disclosure of your Personal Data

   We will also provide your Personal Data to government agencies, courts or other third parties where it is necessary to comply with applicable UK, EU/EEA and/or Member State laws or regulations, or to exercise, establish or defend our legal rights. If permitted

   by UK or EU/EEA and/or Member State by law and appropriate, we will notify you of this type of disclosure.

‌ADDITIONAL INFORMATION FOR INDIVIDUALS RESIDING IN THE USA

1. We do not sell or rent personal information, as defined in the California Consumer Privacy Act ("CCPA"). No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. This excludes text messaging originator opt-in data and consent, which will not be shared with any third parties.

2. ‌Email or SMS and Opt-Out.

   Occasionally, Act! may send you communications to provide you with information or promotions relating to products and services that may be of interest to you, including notification of important product issues and updates. You may opt out of receiving these communications as indicated below. Additionally, we may still send you relationship or transactional messages in order to notify you of important product issues and updates, such as for the renewal of existing subscription services, to resolve specific questions or requests made by you via phone/SMS, fax, email, or the Web and in response to any activity completed on any of the Sites, including but not limited to, registration, ordering, downloads, and requests for information. Message frequency varies per user. Message and data rates may apply.

   Each email we send will contain instructions on how to unsubscribe in the event that you do not wish to receive future promotional emails from Act!. Please allow 10 business days to be removed from the promotional email list. If you receive email through the Act! emarketing system and wish to opt-out, simply click the "Leave this list"link in the footer of the email.

   Each SMS message allows you to unsubscribe to future messages by replying to the message with "STOP"in the message body. Text HELP for help.

   ‌Carriers are not liable for delayed or undelivered messages.

3. Third-party email promotions.

   If you access and/or use any third party services from a link on the Sites, a Partner co- branded site or by any other means, any information you reveal in connection with such service is submitted to that third party and is not subject to this Privacy Policy. You should consult the privacy policy of the third-party site with respect to its treatment of any information that you may reveal in connection with such service.

4. ‌California residents

   Please review California Privacy Notice here.

5. ‌Website Traffic

   The Act! website uses analytics software to monitor traffic for our own internal purposes, to optimize the use of our website.

‌ADDITIONAL INFORMATION FOR INDIVIDUALS RESIDING IN CANADA

1. ‌Consent

   When you access this website, download or use any mobile or desktop applications obtained from the website, respond to one of our surveys, correspond or communicate with us or otherwise do business with us, you consent to our collection, use and disclosure of your Personal Data in accordance with the Act! Global Privacy Policy, this addendum for individuals residing in Canada, and any additional data privacy notices with which you have been provided specific to certain Act! products or Services. Act! will not collect, use or disclose your Personal Data for any other purposes without your additional consent, except where required or permitted by law.

2. ‌Individual Rights and Options

   You have the following rights regarding the Personal Data that we hold about you:

   • To access your Personal Data.

   • To request the correction or modification of any Personal Data that you feel is inaccurate or incomplete.

   • To withdraw consent for any secondary uses of your Personal Data, such as for the purposes of direct marketing (including related profiling).

   You also have the right at any time to withdraw your consent to any collection, use or disclosure of your Personal Data by Act!, subject to legal or contractual restrictions and reasonable notice. Any such withdrawal will not affect the legality of our use or disclosure of your Personal Data before you withdrew consent.

   If you would like to opt-out of any uses of your Personal Data, obtain access, request correction or deletion, make a complaint, or generally have any questions or concerns about our Privacy Policy, you may contact us at the addresses listed below in Annex 1.

   In addition, if you receive email through the Act! emarketing service or an SMS and wish to opt-out from the receipt of future sales, marketing and promotional messages, simply click the "unsubscribe"link in the footer of the email or reply to the SMS with "Stop"in the body of the message. Please allow 10 business days to be removed from the promotional email list. Note that even if you unsubscribe from the receipt of marketing email messages, we may still send you relationship or transactional messages, such as to notify you of important product issues and updates, to advise you of changes to our terms of use or this Privacy Policy, or to contact you in relation to any business transactions with Act! such as registration, ordering, downloads, and requests for information.

3. ‌International transfers of Personal Data

   Your Personal Data may be stored or processed outside of Canada by Act! or its service providers, where it will be subject to the laws of the jurisdiction in which it is stored.

   ‌Please contact us at Annex 1 if you have any questions about the collection, use, disclosure or storage of Personal Data outside of Canada by service providers acting on our behalf or if you would otherwise like to receive further information respecting our policies and practices with respect to service providers outside Canada.

4. Retention of Personal Data

   ‌The period for which we will store Personal Data is based on our need to fulfil our legitimate business needs, comply with applicable law, resolve disputes, enforce our agreements and otherwise protect our interests or those of our customers. If you (or the company/organization you represent) becomes a customer of Act!, typically we will process your Personal Data for up to 6 years at which point we will destroy it. If you (or your company/organization) does not become a customer, typically we will process it for up to one year before we destroy it or delete your Personal Data from the contact details of the relevant account records we hold for your company/organization. Note that where you have opted out of certain marketing uses, we may retain certain personal information to ensure that those preferences will continue to be respected. ‌

‌ADDITIONAL INFORMATION FOR INDIVIDUALS RESIDING IN AUSTRALIA

To the extent the Privacy Act 1988 (Cth) ("Privacy Act") is applicable to you and our collection, storage, use and disclosure of your Personal Data, the additional sections of this Privacy Policy contained in this paragraph 12 will apply to you. These sections are in addition to, and not in substitution or replacement of the remaining provisions of this Privacy Policy which continue to apply.

1. ‌Your rights under Australian Privacy Law

   You are entitled to access the Personal Data we hold about you and may request that we correct any errors in the information we hold. If you would like to access or correct your Personal Data held by us, please contact us using the contact information in Annex 1 below.

   We will take reasonable steps to allow you to access your information unless circumstances exist that would prohibit us from doing so.

   We will correct your Personal Data where we are satisfied that the information is inaccurate, out of date, incomplete, irrelevant or misleading. If we correct any Personal Data that we have disclosed to third parties we will take reasonable steps to notify those parties of the change or update. You accept that, following a request to correct your information, we may be required to take reasonable steps to verify your identity or the Personal Data, which may include confirmation with third parties.

   If you are concerned that we may have breached the Australian Privacy Principles, please contact us immediately. We will undertake a reasonable and expeditious assessment of the concern and suggest relevant resolution processes.

2. ‌Overseas Data Transfer

   In connection with providing our services to you, we may store, use, or disclose your Personal Data in countries outside of Australia including the United States, Canada, the UK, France, Germany and India.

   We will not send your Personal Data to third party recipients outside of Australia without first taking reasonable steps to ensure that the overseas recipient complies with the Australian Privacy Principles and this Privacy Policy or without obtaining your consent or otherwise complying with the Privacy Act.

   By reviewing this Privacy Policy and using our Services, you consent to any such overseas transfers, provided that they are otherwise in accordance with this Privacy Policy.

3. ‌Direct Marketing

   Where we use your Personal Data to send you sales, marketing and promotional information you will be provided with the opportunity to opt-out of receiving such information. Unless you exercise your right to opt-out of such communication, you will be taken to have consented to receive similar information and communications in the future