DEWALT Privacy Policy DFP Safety Vault Privacy Policy PLEASE READ THIS PRIVACY POLICY CAREFULLY BEFORE USING THE DFP SAFETY VAULT MOBILE APPLICATION (THE APPLICATION). YOUR ACCEPTANCE OF THIS PRIVACY POLICY GOVERNING YOUR USE OF THE APPLICATION IS A CONDITION OF YOUR RIGHTS TO FURTHER ACCESS ANY AND ALL MATERIALS CONTAINED ON OR ACCESSED THROUGH THE APPLICATION. IF YOU DO NOT AGREE WITH THIS PRIVACY POLICY, PLEASE DO NOT USE THE APPLICATION. General. DFP Safety Corporation, a Delaware corporation (referred to herein as “DFP Safety,” “we,” “us,” or “our”), designs and operates its Application with the goal to protect your privacy and further comply with our Application privacy policy (“Privacy Policy”). By accessing, receiving, downloading, syncing, using, or possessing or continuing to access, receive, download, sync, use, or possess software, toolbars, user interfaces, applications, and associated media (Software) for use via the Internet, or via wireless or other handheld or mobile devices (Hardware), printed, online, and electronic materials associated therewith (Documentation) and data, materials, and content (Data) (collectively Software, Data, and Documentation to be known as Services herein) submitting a registration form, or clicking the \”I Agree\” or \”Continue\” buttons when prompted and completing the registration form, you are entering into this Agreement with DFP Safety, and you hereby acknowledge and agree to the validity and applicability of the Privacy Policy. General Data Protection Regulation. The General Data Protection Regulation (“GDPR”) applies to the processing of personal data in the context of the activities of an establishment in the European Economic Area (“EEA”), as well as to firms outside the EEA that process personal data relating to the offering of services to individuals in the EEA. Please note that certain sections of this Privacy Policy, as identified below, only apply where the GDPR applies to the processing of your personal data. California Consumers. Effective January 1, 2020, the California Consumer Privacy Act (CCPA) allows California residents, upon a verifiable consumer request, to request that a business that collects personal information from California consumers to give consumers access, in a portable and (if technically feasible) readily usable form, to the specific pieces and categories of personal information that the business has collected about the consumer, the categories of sources for that information, the business or commercial purposes for collecting the information, and the categories of third parties with which the information was shared. California residents also have the right to submit a request for deletion of information under certain circumstances. Please note that you must verify your identity and request before further action is taken. As a part of this process, government identification may be required. Consistent with California law, you may designate an authorized agent to make a request on your behalf. In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney; or the agent must provide proof that you gave the agent signed permission to submit the request and either (i) verify your identity with us or (ii) directly confirm with us that you provided the authorized agent permission to submit the request. Purpose of Information. We use your personal data to (1) correspond with you, send you information or promotional materials that you have requested through our Application, by email, or telephone request; (2) correspond with third parties such as service providers, legal advisors, auditors, and technology providers and regulatory authorities to comply with any legal obligation imposed on us or in order to pursue our legitimate business interests; (3) maintain our records; and (4) operate the Application and perform the Services, including analyzing your use of our Application. Information collected. We collect certain identifying information from or about you in connection with your use of the Services, including, without limitation, any information that may be used to identify an individual such as a first and last name, business details, a phone number, or an email address. The purposes for which we may collect, store, and use personal data about you and our ‘lawful basis’ for processing such data are set out below. Lawful Basis for Processing. Our basis for processing your data include (1) our legitimate interests in responding to your inquiry, sending you the information you have requested, or otherwise communicating with you in the course of our business; (2) compliance with applicable legal obligations; (3) our legitimate interests in conducting our business in a proper manner; and (4) our legitimate interests in studying how our Application and Services are used, keeping our Application updated and relevant, developing our business and informing our marketing strategy, and where required by law, to do so or if we reasonably believe that it is necessary to protect our rights or to comply with judicial or regulatory proceedings, a court order, or other legal process. Information Sharing. We do not sell, rent, or lease our user lists or the identity of individual users to third parties. DFP Safety does not disclose personal data about its clients to non-affiliated third parties, except as required or permitted by law, for its everyday business purposes (such as to process transactions or service a client account). Under certain circumstances, DFP Safety may also disclose personal information if we become subject to a subpoena or court order, or if we are otherwise legally required to disclose information. We may also use and disclose personal information to establish or exercise our legal rights, to enforce the Terms of Use (the “Terms”), to assert and defend against legal claims, or if we believe such disclosure is necessary to investigate, prevent, or take other action regarding actual or suspected illegal or fraudulent activities or potential threats to the physical safety or well-being of any person. We share your information with (1) our affiliates or subsidiaries with respect to company performance or for marketing and business development; (2) professional advisers including lawyers, bankers, auditors, and insurers; and (3) regulators and other service providers. Information Collection. We collect personal and non-personal data about you when you provide information to us when communicating or transacting with us in writing by filling in forms or by corresponding with us by mail, telephone, e-mail, or otherwise. As you interact with our Application, we may automatically collect technical data about your equipment, usage of the Application, and patterns. We collect this personal data by using cookies, server logs, and other similar technologies. We adhere to the standards set out in this Privacy Policy and do not monitor or follow any “do not track” browser requests. Information Retention. We will retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, accounting, or reporting requirements and our legitimate interests in maintaining such personal information in our records. In doing this we will have regard to the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means and the applicable legal requirements. Generally, we will keep information relevant to our dealings with you for a minimum period of seven years following the last date of activity or longer as required by applicable law or regulation. Once we no longer require your personal data for the purposes for which it was collected, we may securely destroy your personal data in accordance with applicable laws and regulations. Policy Changes. We may change this Privacy Policy at any time without notice. The most recent version of the Privacy Policy is reflected by the version date located at the bottom of this Privacy Policy. All such updates and amendments are effective immediately upon posting a revised version of this Privacy Policy or other notice on the Application. You should view this Privacy Policy often to stay informed of changes that may affect you. We expressly reserve the right to make any changes to this Privacy Policy at any time, without prior notice to you. The version of this Privacy Policy posted on the Application on each respective date you visit the Application shall be the Privacy Policy applicable to your access and use of the Application on that date. User Choices. When submitting information, corresponding, making requests for information, and otherwise interacting with DFP Safety and its representatives through or in connection with the Application, you choose what information to supply or submit, whether you wish to receive further information, and how you may be contacted. You are not required or obliged to share such information and should only share information that you believe is necessary or appropriate. However, please note that our Application may automatically collect certain technical data. User Rights. Where the GDPR applies to the processing of your personal data, you have rights as an individual which you can exercise in relation to the information we hold about you under certain circumstances. These rights are to (1) request access to your personal data (commonly known as a “data subject access request”) and request certain information in relation to its processing; (2) request rectification of your personal data; (3) request the erasure of your personal data; (4) request the restriction of processing of your personal data; (5) object to the processing of your personal data; and (6) request the transfer of your personal data to another party. If you want to exercise one of these rights please contact us at [ insert email ] or DFP Safety Corporation, [ insert address ]. You also have the right to make a complaint at any time to a supervisory authority for data protection issues. User Requirements. We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it. Information Protection. While DFP Safety takes commercially reasonable measures to secure and protect information transmitted via the Application, no security system is impenetrable. We cannot guarantee that information that users of our Application may happen to transmit or otherwise supply will be totally secure. You agree to immediately notify us of any breach of the Application’s security, this Privacy Policy, or the Terms of which you become aware. User-Provided Content. Any information, communications, or material of any type or nature that you submit to the Application by e-mail, posting, messaging, uploading, downloading, or otherwise (collectively, a “Submission”) is done at your own risk. We cannot control the actions of other users and we are therefore not responsible for any Submissions contained on the Application. By visiting our Application, you are representing and warranting to us that you have reviewed this Privacy Policy and the Terms and that you will abide by all such provisions contained therein. Visiting the Application from Outside the United States. If you are visiting the Application, or any part thereof, from outside of the United States of America, please be aware that your information may be transferred to, stored, or processed in the United States as our Application is hosted there. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country, but please be assured that we take steps to protect your privacy. Where this is the case, we will put in place appropriate safeguards such as the EEA-approved standard contractual clauses to ensure that your personal data is treated in a manner that is consistent with and respects the EEA laws on data protection. This Privacy Policy was last updated on June 2022.