PLEASE READ THIS PRIVACY POLICY BEFORE ACCESSING AND USING THE SERVICES. BY ACCESSING THE SERVICES, YOU AGREE TO THIS PRIVACY POLICY, INCLUDING TO THE COLLECTION AND PROCESSING OF YOUR PERSONAL INFORMATION (AS DEFINED BELOW). IF YOU DISAGREE TO ANY TERM PROVIDED HEREIN, YOU MAY NOT ACCESS OR USE THE SERVICES.

Please note: You hereby acknowledge and agree that you are providing us with Personal Information at your own free will and that we may collect and use such Personal Information pursuant to this Privacy Policy and any applicable laws and regulations.

• Non-Personal Information: “Non-Personal Information” is un-identified and non-identifiable information pertaining to a user, which may be made available to us, or collected automatically via your use of the Services which does not enable us to identify the person from whom it was collected. This Non-Personal Information, which is being gathered, consists of behavioral information mainly of technical and aggregated non-identifiable usage information, such as system data related to your operating system and browser version, screen resolution, language, duration of usage of the Services, etc.
• Personal Information: “Personal Information” is information that identifies an individual or may with reasonable efforts or together with additional information we have access to, enable the identification of an individual, or may be of a private or sensitive nature relating to an identified or identifiable natural person. Identification of an individual also includes the association of such an individual with a persistent identifier such as a name, an identification number, etc. Personal Information does not
  include information that has been anonymized or aggregated and can no longer be used to identify a specific natural person. Personal Information that is collected by us consists of the following types of Personal Information:‍
  
  • Terra Services. We collect account registration information from Customers’ authorized users such as name, phone, organization email address, role, IP address and log-in credentials (e.g. Google sign-up or other account authentication methods made available
    through the Services).‍
  • Prospect Data. We collect name, organization, role, and email of enterprises representativeswho are prospective customers or partners of Terra. This includes Personal Information provided to Terra through the ‘contact us’ or similar option on our website, interactions made through social media platforms, conferences and events and similar business interactions.‍
  • Employees and Candidates. We collect name, email, phone, CVs and related information necessary for evaluation of candidates who are interested in working at Terra.

We do not collect any Personal Information from you or related to you without your approval, which is obtained, inter alia, through your acceptance of this Privacy Policy.

• We collect information through your use of the Services. In other words, we are aware of your usage
  of the Service and may gather, collect and record the information relating to such usage, as further
  detailed below.
• We collect information that you provide us voluntarily. For example, we collect Personal Information
  that you voluntarily provide when you request to provide us with your name and email upon your initial
  registration for the Services.

• To provide, operate and improve our Services and related offers and to manage our business.
• To provide you with a better user experience, more fitted to their specific needs.
• To be able to contact with users who requested such contact to be made, for the purpose of providing them with further information on Terra and its Services.
• To prevent, detect, mitigate, and investigate fraud, security breaches or other potentially prohibited or illegal activities, whether suspected or actual.
• To comply with any applicable rule or regulation and/or response or defend against legal proceedings versus us or our affiliates.
• To be able to send you our newsletters and information in connection with the Services, where you registered to receive such messages or have otherwise provided us with their consent, or otherwise to provide important notices with respect to Services to which you have registered.
• To market our Services (including via our marketing service providers), and to be able to track and evaluate our marketing activities and their results and attribute different marketing achievements to the respective marketing efforts.
• To act upon and comply with requests you may make pursuant to this Privacy Policy and the privacy laws that apply to you.
• To perform functions or services as otherwise described to you at the time of collection.

• With your consent: We ask for your agreement to process your information for the specific purposes stated in this Privacy Policy and you have the right to withdraw your consent at any time.
• Performing an agreement with you: We collect and process your Personal Information in order to provide you with the Services, following your acceptance of this Privacy Policy and pursuant to the Terms and Conditions.
• Legitimate interests: We process your information for our legitimate interests while applying appropriate safeguards that protect your privacy. This means that we process your information for purposes like detecting, preventing or otherwise addressing fraud, abuse, security, usability,
  functionality or technical issues with our Service; protecting against harm to the rights, property or safety of our properties, our users or the public as required or permitted by law; enforcing legal claims, including investigation of potential violations of this Privacy Policy; and in order to comply and/or fulfill our obligations under applicable laws, legal process, subpoena or governmental request.

We may share information with third parties (or otherwise allow them access to it) only in the following manners and instances:

• Internally – We may share information with our affiliates, as well as our employees, for the purposes described in this Privacy Policy. In addition, should Terra or any of its affiliates undergo any change in control, including by means of merger, acquisition or purchase of substantially all of its assets, your information may be shared with the parties involved in such event under strict security conditions, for the purpose of evaluating such event and in accordance with the terms of this Privacy Policy. If we believe that such change in control might materially affect your Personal Information then stored with us, we will notify you of this event and the choices you may have, through prominent notice on our Services.
• Protecting Our Rights and Safety – We may share your information to enforce this Privacy Policy and/or the Terms and Conditions, including investigation of potential violations thereof; to detect, prevent, or otherwise address fraud, security or technical issues; or otherwise if we believe in good faith that this will help protect the rights, property or personal safety of any of our users, or any member of the general public.
• Third Parties & Business Partners – We may share your Personal Information with a number of selected service providers whose services and solutions are required or otherwise facilitate achievement of the purposes of processing set forth under Section 4 above, including without limitation certain third-party artificial intelligence model providers. These third parties serve in facilitating and enhancing our Services and related services, including such third-party services required to allow platform analytics and other essential third party services. Our third party services providers act as our sub-processors and may only process your information according to our instructions (which are given in accordance with this Privacy Policy).
• Law Enforcement – We may cooperate with government and law enforcement officials to enforce and comply with the law. We may therefore disclose any information to government or law enforcement officials as we believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect our or a third party’s property and legal rights, to protect the safety of the public or any person, or to prevent or stop any activity we may consider to be, or to pose a risk of being, illegal, unethical, inappropriate or legally actionable.

For the avoidance of doubt, we will NOT sell (as “sell” is traditionally defined) your Personal Information. That is, we will not provide your name and email or other personally identifiable information to third parties in exchange for money. We may share anonymized or de-identified information with any other third party, at our sole discretion.

However, under California law, certain cases of sharing information, such as for advertising purposes, may be considered a “sale” of personal information. However, to the extent applicable, including if a supervisory authority determines that our practices include the selling and/or sharing of your personal information (as such terms are defined under applicable US State Privacy Laws including the CCPA), and you would like to opt out of the “sale” or “sharing” of your personal information, please contact us at support@terra.security.

• With your consent: We ask for your agreement to process your information for the specific purposes stated in this Privacy Policy and you have the right to withdraw your consent at any time.
• Performing an agreement with you: We collect and process your Personal Information in order to provide you with the Services, following your acceptance of this Privacy Policy and pursuant to the Terms and Conditions.
• Legitimate interests: We process your information for our legitimate interests while applying appropriate safeguards that protect your privacy. This means that we process your information for purposes like detecting, preventing or otherwise addressing fraud, abuse, security, usability, functionality or technical issues with our Service; protecting against harm to the rights, property or safety of our properties, our users or the public as required or permitted by law; enforcing legal claims, including investigation of potential violations of this Privacy Policy; and in order to comply and/or fulfill our obligations under applicable laws, legal process, subpoena or governmental request.

Your information may be transferred to, maintained, processed and stored by us and our authorized affiliates and service providers in Israel and the United States. Please note that the data protection laws in the above jurisdictions may not be as comprehensive as those in your country of residence. Residents of certain countries may be subject to additional protections, as set forth below.

GDPR (EEA Users)

This section applies only to natural persons residing in the European Union, EFTA States, or the United Kingdom (for the purpose of this section only, "you" or "your'' shall be limited accordingly). It is Terra’s policy to comply with the EEA's General Data Protection Regulation (“GDPR”) and the UK GDPR.

In accordance with the GDPR, we may transfer your Personal Information from your home country to the U.S. and/or other countries, provided that the transferee has provided appropriate safeguards, and on condition that enforceable data subject rights and effective legal remedies for data subjects are available. Specifically, we may cause such transfer if we ensured that at least one of the following applies:

• The country to which Personal Information has been transferred, has been determined by the EU Commission to be a country providing adequate protection to the privacy rights of EU residents.
• Application of Standard Contractual Clauses where appropriate.

Under certain laws, including the EU, UK and US-state data protection laws, individuals have rights regarding their Personal Information. You can exercise your rights at any time by contacting us at: support@terra.security.

Those rights may include, but are not limited to, the following:

• Right of access. You may have a right to know what information we hold about you and, in some cases, to have the information communicated to you. We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any information.
• Right to correct Personal Information. We endeavor to keep the information that we hold about you
  accurate and up to date. Should you realize that any of the information that we hold about you is
  incorrect, please let us know and we will correct it as soon as we can. The setting for a particular forum
  may also allow you to close your account, on the setting page for your account. Depending on the
  settings for your particular forum, you may also be able to edit, anonymize, or erase your posts.
• Data deletion. In some circumstances, you have a right to request that some portions of the Personal
  Information that we hold about you be deleted or otherwise anonymized.
• Data portability. In some circumstances, you may have the right to request that we will provide you
  with the Personal Information you have made available to us, so you can transfer it to another party.
• Restriction of processing. In some cases, you may have the right to request restriction of the
  processing of your Personal Information, such as when you are disputing the accuracy of your
  information held by us.

Please note that these rights are reliant upon the data protection and privacy laws that are applicable in your jurisdiction. Terra may refuse requests to exercise data subject rights if there is a legitimate reason, such as if we cannot authenticate your identity, if the request could violate the rights of a third party or applicable law, or prevent us from delivering a service you requested. If you would like to make any requests or queries regarding personal data we process as a data processor on our Customer’s behalf, including accessing, correcting or deleting your data, please contact Customer (i.e., your organization) directly.

We use certain monitoring and tracking technologies, including ones offered by third party service providers. These technologies are used in order to maintain, provide and improve our Services on an ongoing basis, and in order to provide a better experience to our users. For example, these technologies enable us to:

1. Keep track of our users’ preferences and authenticated sessions.
2. Secure our Services by detecting abnormal behaviors.
3. Identify technical issues and improve the overall performance of our Services.
4. Create and monitor analytics.

Specifically, we may use cookies in connection with our Services. A “Cookie” is a small data file that is downloaded and stored on your computer or mobile device when you visit our Services.

We have implemented administrative, technical, and physical safeguards to help prevent unauthorized access, use, or disclosure of your Personal Information. We limit access of your information only to those employees, third party service providers or partners on a “need to know” basis, and strictly in order to enable us to perform the agreement between you and us.

Despite these measures, Terra cannot provide absolute information security or eliminate all risks associated with Personal Information, and security breaches may happen. If there are any questions about security, please contact us
at support@terra.security.

We use certain monitoring and tracking technologies, including ones offered by third party service providers. These technologies are used in order to maintain, provide and improve our Services on an ongoing basis, and in order to provide a better experience to our users. For example, these technologies enable us to:

1. Keep track of our users’ preferences and authenticated sessions.
2. Secure our Services by detecting abnormal behaviors.
3. Identify technical issues and improve the overall performance of our Services.
4. Create and monitor analytics.

Specifically, we may use cookies in connection with our Services. A “Cookie” is a small data file that is downloaded and stored on your computer or mobile device when you visit our Services.

The cookies we use can be classified in one of the following categories:

We will retain your Personal Information only as long as necessary for the purposes for which it was collected andprocessed. If you withdraw your consent to our processing your Personal Information, we will delete your PersonalInformation from our systems (except to the extent retaining such data in whole or in part is necessary to comply withany applicable rule or regulation and/or to respond to or defend against legal proceedings brought against us or ouraffiliates).

To use our Services, you must be over the age of eighteen (18). Therefore, we do not knowingly collect Personal Information from individuals under the age of eighteen and do not wish to do so. We reserve the right to request proof of age at any stage so that we can verify that individuals under the age of eighteen are not using the Services. If you believe that we might have any information from or about an individual under the age of eighteen, please contact us at: support@terra.security.

We welcome qualified candidates to apply to any of the open positions posted on our Services by sending us your contact details and CV or resume (“Candidate Information”). Since privacy and discreetness are very important to our candidates, we are committed to keep Candidate Information private and will use it solely for our internal recruitment purposes (including for identifying candidates, evaluating their applications, making hiring and employment decisions, and contacting candidates by phone or in writing).

Please note that we may retain Candidate Information submitted to us even after the applied position has been filled or closed. This is done so we could re-consider candidates for other suitable positions and opportunities at Terra; so we can use Candidate Information as a reference for future applications; and in case the candidate is hired, for additional employment and business purposes related to their employment with us.

You hereby agree that we may use your contact details provided by you for the purpose of informing you regardingupdates and offers related to our Services that may interest you and other related marketing materials. You maywithdraw your consent via sending a written notice to Terra by email to the following address: support@terra.security or by clicking the “Unsubscribe” button displayed in the email you received.

This Privacy Policy, its interpretation, and any claims and disputes related hereto, shall be governed by the laws of the applicable laws set out in the Terms and Conditions without respect to its conflict of law principles. Any and all such claims and disputes shall be brought in, and you hereby consent to them being litigated in and decided exclusively by a court of competent jurisdiction as set out in the Terms and Conditions.

If you wish to exercise any of the aforementioned rights or receive more information, please email us at: support@terra.security.