ProtiFi, LLC
Privacy Notice
At ProtiFi,* we recognize the importance of data protection and privacy. This Privacy Notice (“Notice”) provides explains how we collect and use Customer’s* personal data, for what purposes, how it is processed, and how we keep it secure. We base our privacy practices on accepted principles of privacy and data protection including principles of transparency (being open about and communicate how and why we collect Personal Data (as defined below) before such collection takes place), fairness (respecting privacy and obtaining Personal Data in good faith by legitimate, lawful, and fair means, while acting in accordance with this Privacy Notice) and design in privacy and security (creating solutions and processing Personal Data that address privacy and data security needs up front and in accordance with these principles and this Notice).
Definitions
*All terms in this document marked with an asterisk (*) are defined in our in our Terms and Conditions available at https://protifi.com/pages/terms-and-conditions. The first instance of the use of such terms is marked with an asterisk. All other terms are as defined in this document.
I) The Purpose and Reach of this Privacy Notice
This Notice describes the types of Personal Data that ProtiFi may collect or process, how we may use and disclose that Personal Data, and how Customer* may exercise any rights Customer may have regarding our processing of Customer’s Personal Data.
This Notice applies to Personal Data: collected or processed by us online (through websites, Hosted Services*, orders, applications, email, interactions with Customer on social media and otherwise) (“Online Services”); when we provide products and/or services to Customer(s) or commercial laboratories, or other entities; when we process information in other situations where Customer interacts with us, including but not limited to interacting with or visiting our sites and offices or our events (e.g., tradeshows, virtual events, and conferences), when Customer uses ProtiFi Products and/or Services (such products, services, Online Services, and other systems collectively, the “Products”* and/or “Services”* and/or “Hosted Services,”); when we process Customer’s data in the process of providing Products and/or Services, or collaborate to develop or sell such Products and/or Services; when we process Customer’s data as an employee of a company from which we procure products and/or services; when we process Customer’s Personal Data as a prospective employee of ProtiFi; or anywhere this Notice is posted or referenced. This Notice also applies to Personal Data that is collected or processed when Customer interacts with us in person, by telephone, or by mail. The use of “or” and/or “and” in this document means “and/or” unless explicitly stated otherwise, or where the use of “and/or” is clearly inappropriate.
If Customer provides us with Personal Data of anyone other than Customer itself, please note that Customer is responsible for complying with all applicable privacy and data protection laws prior to providing that information to ProtiFi (including obtaining consent, if required).
Please review this Notice carefully. To the extent permitted by applicable law, by providing us Customer’s Personal Data or otherwise interacting with us, Customer is agreeing to this Notice.
ProtiFi, or the ProtiFi subsidiary or affiliate with whom Customer, Customer’s employer, or Customer’s company is interacting or who uses, purchases, tests or otherwise interacts with the Product and/or Service is, where applicable, the entity responsible for the collection and use of Customer’s Personal Data (known in some jurisdictions as the “data controller”).
II) Information Collected, Manner and Purpose of Collection Information
What is Personal Data?

• “Personal Data” is any information—as electronically or otherwise recorded—that can be used to identify a person or that we can link directly to an individual, such as name, address, email address or telephone number. Personal Data in some jurisdictions can include information that indirectly identifies a person, such as a unique number assigned to a person or entity, even absent other identifying information.
• Personal Data might include information considered sensitive in some jurisdictions such as financial account information, geolocation, and other information. Please note that we may receive Customer’s Personal Information from a third party such as (and not limited to) a distributor.
• We will process any Personal Data we collect in accordance with applicable law and as described in this Notice (unless, as a separate policy or notice governs). In some circumstances, if Customer does not provide us with Customer’s Personal Data, certain Products and/or Services may be unavailable to Customer.

Below is description of the types of Personal Data we may collect from Customer, information on how we collect, process, and use Personal Data and the potential recipients of Customer’s Personal Data. Some jurisdictions require us to state the legal bases for processing Customer’s Personal Data, which are included below, but please note that not all jurisdictions may recognize all legal bases.
We may process Customer’s Personal Data when Customer:

• Buy, test, sample, register for, visit, order or use our Products and/or Services including Hosted Services;
• Submit inquiries and/or orders to us both online (e.g., via email, social media) or offline (e.g., by written letters, purchase orders, applications, etc.), or otherwise interact with us in person or otherwise (e.g., tradeshows, virtual events, and conferences, as non-limiting examples);
• Visit or use our websites, Services, Hosted Services and/or our physical locations;
• Sign up for our newsletters or other informational or marketing materials;
• Are a company from which we procure products and/or services;
• Are a collaborator with whom we are researching, developing (e.g. new or existing Products and/or Services) or otherwise working with; and
• Are a prospective employee of ProtiFi and we process Customer’s Personal Data as such; and/or
• See this Notice is posted or referenced.

Examples of the types of data we may process include:

• Identity and contact information, such as: first and last name, email address, postal address, phone number, employer, or username and password;
• Other personal information, such as: age or gender;
• Visual and audio information, such as: still images, video (including via CCTV or screen captures from video interactions), or recordings of Customer’s calls with our customer service representatives;
• Technical Information, such as: Internet Protocol (IP) addresses (which may identify Customer’s general geographic location or company), browser type and browser language, device type, operating system, advertising IDs associated with Customer’s device (such as Apple’s Identifier for Advertising (IDFA) or Android’s Advertising ID (AAID)), date and time Customer uses or accesses our Products and/or Services or websites or Services or Hosted Services, amount of data transmitted, Uniform Resource Locators, or URLs (i.e., website addresses) visited prior to arriving and after leaving websites or Hosted Services or Services, activity on our websites or Hosted Services or Services and referring websites or applications, data collected from cookies or other similar technologies (e.g. cookies; ProtiFi does not currently use cookies); geolocation information; and
• Anonymized / De-identified Data, data for which Customer’s individual personal characteristics have been removed such that Customer is not identified and the information is no longer considered Personal Data under data protection laws. In the United States, this includes the removal of identifiers from protected health information required under the Health Insurance Portability and Accountability Act (“HIPAA”), 45 CFR § 164.514(b)(2), for such data to be considered deidentified. In the course of research, study doctors and authorized personnel may still have access to named subject records collected for such research.

Where do we get the data?
We get data from Customer directly, Customer’s devices, our security systems (including CCTV) and/or third parties.
Why we process the data?
To the extent permitted by applicable law, including with Customer’s consent where required, we may process the data Customer provides to us to:

• Determine whether Customer would like to initiate a business relationship;
• Fulfill orders and to provide Customer with or give Customer access to Products and/or Services and/or related, including providing quotes, proposals, reports, analyses, demonstrations, and generating contracts and/or purchase orders and/or other related documents;
• Communicate with Customer about or answer Customer’s inquiry or quote request or order or questions, or related;
• Better understand Customer’s needs and guide future improvements of Products and/or Services;
• Direct Customer to the appropriate department or customer service agent;
• Administer our relationship with Customer or Customer’s organization;
• Send Customer updates, to identify and authenticate Customer;
• Customize content for Customer;
• Make, modify or customize offers to Customer based on Customer’s activities on our Services, Online Services and Hosted Services, among other data;
• Deliver relevant content to Customer, which may include informational or marketing emails;
• Detect security incidents;
• Protect against malicious or illegal activity, and/or conduct and monitor data protection and security activities;
• Ensure the appropriate use of our Products and/or Services, to improve our Products and/or Services;
• Determine eligibility for certain Products and/or Services;
• Provide user forums to discuss our Products and/or Services;
• Facilitate conferences, for short-term, transient use, for administrative purposes, for internal reporting and statistics such as and not limited to anonymous usage statistics, for marketing, customer insight, internal research, brand management, and development;
• Conduct troubleshooting, data analysis, testing, research, statistical and survey analysis of our Online Services and Hosted Services to improve the functionality, content, design, and navigation, among other purposes, and/or for quality assurance and to assist in training and development of our representatives;
• Comply with applicable regulations, and to comply with applicable regulations related to the COVID-19 pandemic, we may be required to verify Customer’s COVID-19 vaccination status when visiting one of ProtiFi’s sites.

The legal bases for processing
The legal bases for processing is for the purposes of our legitimate interests, in preparation for or to perform or fulfill a contract or order with Customer, in circumstances where we have requested and received consent and for other purposes that may be required or allowed by law, and to comply with legal obligations that apply to us.
Who receives the data?
The following entities may receive Customer’s data: ProtiFi, our affiliates, subsidiaries, distributors and related companies, partners that assist us in providing the Products and/or Services or help us improve our marketing or administration, and in limited circumstances, recipients may include, (1) in the event of a sale, assignment, or transfer, to the buyer, assignee, or transferee; and (2) government or regulatory officials, law enforcement, courts, public authorities, or others when permitted by this Notice or required by law. Customer data will only be shared to the extent necessary to address Customer’s order or question or related issue requiring access to Personal Data.
III) Customer’s Rights Regarding Customer’s Personal Data
In many circumstances, we cannot effectively do business with Customer without processing some Personal Data about Customer (e.g., Customer’s contact information). For example, when Customer contacts customer service representatives, we may require Customer to provide information to authenticate Customer’s identity and/or address and/or email, etc., to assist with Customer’s request. If Customer is unable to provide this information, we may be unable to process Customer’s request.
Customer may have a right, under Customer’s area’s data protection laws and other relevant laws, to the following rights with respect to some or all Customer’s Personal Data:

1. To request access to Customer’s Personal Data;
2. To object to the sale or sharing of Customer’s Personal Data;
3. To request that we restrict or block the processing of Customer’s Personal Data, unless we can demonstrate that we have legitimate reasons to process Customer’s personal data;
4. To request that we rectify or erase Customer’s Personal Data;
5. To request opt-out of solicitations;
6. To request information to understand data processing activities involving Customer’s Personal Data;
7. To provide Customer’s Personal Data directly to another organization, i.e., a right to data portability; and
8. To lodge a complaint with the data protection authority in Customer’s area.

Rights 3 and 6 are only available whenever the processing of Customer’s personal data is not necessary to: comply with a legal obligation; perform a task carried out in the public interest; exercise authority as a data controller; archive for purposes in the public interest, or for historical research purposes, or for statistical purposes; and to establish, exercise or defend legal claims.
Customer can make a request with respect to Customer’s Personal Data by completing the form located here: https://protifi.com/pages/customer-personal-data-request. Customer can also contact info@protifi.com. We will not discriminate against Customer for exercising any of the rights described above, although we may not be able to continue to provide Customer with Products and/or Services, and it may otherwise affect the way we are able to interact with Customer.
We will make reasonable efforts to respond promptly to Customer’s requests in accordance with applicable laws. We may, after receiving Customer’s request, require additional information from Customer to honor the request and verify Customer’s identity. Please be aware that we may be unable to afford these rights to Customer under certain circumstances, such as if we are legally prevented from doing so.
When we receive Customer’s Personal Data from our Customers and process Customer’s Personal Data on their behalf, we do so in the capacity of a data processor. We do not have control over our Customers’ privacy and security practices and processes. If Customer’s Personal Data has been submitted to us and Customer wishes to exercise any of the above-mentioned rights, or wishes to make a complaint about how we process Customer’s Personal Data, please contact us at info@ProtiFi.com and we will handle Customer’s request as soon as possible. Even if Customer makes a complaint to us, Customer may always make a complaint with the relevant authority in Customer’s location.
IV) Data transfers and other disclosures
Transfer of Personal Data Across National Borders
ProtiFi makes no Personal Data transfers to international organizations with the exception of potentially international providers, such as FedEx, who must receive such Personal Data to address Customer needs. Jurisdictions are often geographically dependent. Personal Data that ProtiFi collects and processes may be transferred and maintained outside Customer’s state, province, country, or other jurisdiction where the privacy laws may not be as protective as those in Customer’s location, including within the United States. ProtiFi has put in place lawful transfer mechanisms and adequate safeguards, in accordance with applicable legal requirements, to protect Customer’s Personal Data, including obtaining Customer’s consent for transfer of personal data where required.
Third-Party Service Providers
Third-party service providers acting on our behalf will only process Personal Data as necessary to perform their functions in a manner consistent with this Notice, other applicable privacy notices, and as explicitly permitted or required by applicable laws, rules, and regulations. Our third-party service providers may be in the United States and other jurisdictions.
On certain parts of our websites, Services and Hosted Services, ProtiFi uses Google Analytics and Shopify as third-party analytics services to collect information needed to provide Customer with solutions and otherwise address Customer needs, to improve Services, Hosted Service and websites and their performance, to improve how users navigate through and use our Services, Hosted Service and websites, to help us design better interfaces and to help us understand how users engage with us. These technologies may track Customer’s activity on our sites (i.e., the pages Customer has seen and the links Customer has clicked on) and helps us measure how Customer interacts with the content that we provide. This information is used to compile reports and to help us improve the sites. The reports we receive may indicate website trends. Customer can learn about Google’s practices by going to www.google.com/policies/privacy/partners/, and exercise the opt-out provided by Google by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout. Customer can click on Cookie Settings to adjust how cookies perform, stored and used on Customer’s device. ProtiFi does not currently use cookies. We may combine information we obtain from third parties with information we collect whether Personal Data or not.
Interactive Features of our Websites
To the extent we offer any public or group forums on our Products and/or Services, such as newsfeeds, blogs, message boards, or similar tools (“Interactive Features”), the posts or comments Customer makes may be public and viewed by others. Customer should use care before posting information about Customer itself, including Personal Data. Customer acknowledge and understand that Customer have no expectation of privacy or confidentiality in the content Customer submits to Interactive Features. Except when required to do so by applicable law, we assume no obligation to remove Personal Data Customer post on our Products and/or Services, and Customer’s disclosure of any Personal Data through the Interactive Features is at Customer’s own risk.
Safeguarding Information
Consistent with applicable laws, ProtiFi has put in place physical, technical, and administrative safeguards to protect Personal Data from loss, misuse, alteration, theft, unauthorized access, and unauthorized disclosure consistent with legal obligations and industry practices. However, as is the case with all websites, applications, programs, databases, products, and services, we unfortunately are not able to guarantee security for data collected through our Products and/or Services. In addition, it is Customer’s responsibility to safeguard any passwords, ID numbers, or similar individual information associated with Customer’s use of the Products and/or Services.
How Long Customer’s Personal Data Will Be Retained
We generally retain Personal Data for as long as needed for the specific business purpose or purposes for which it was collected. Standard Customer contact details (organization, name, address, email, etc.) are maintained to facilitate serving Customer’s future needs such as, and not limited to, orders, quote requests, etc. In some cases, we may be required to retain Personal Data for a longer period by law or for other necessary business purposes. Whenever possible, we aim to anonymize the information or remove unnecessary identifiers from records that we may need to keep for periods beyond the specified retention period.
Changes to This Privacy Notice
We reserve the right to change this Notice from time to time. We will alert Customer when changes have been made by indicating the date this Notice was last updated as the date the Notice became effective or as otherwise may be required by law. It is recommended that Customer periodically revisit this Notice to learn of any changes.
Contact Us
If Customer has questions or comments about this Notice or about how Customer’s Personal Data is processed, please contact us using one of the methods below:
Email: info@protifi.com.

Mail:
ProtiFi LLC
PO Box 176
Fairport, NY 14450
USA
We will make reasonable efforts to respond promptly to Customer’s requests in accordance with applicable laws. We may, after receiving Customer’s request, require additional information from Customer to honor the request and verify Customer’s identity. Please be aware that we may be unable to afford these rights to Customer under certain circumstances, such as if we are legally prevented from doing so.
Notices
© 2023 ProtiFi, LLC. All rights reserved. This document and all other ProtiFi materials and Documentation may not be reproduced, distributed, modified or publicly displayed without the express written permission of ProtiFi, LLC. In the event of any ambiguity or conflict between this Privacy Notice and the Terms and Conditions or other related agreement(s), the terms and provisions of the Terms and Conditions available at https://protifi.com/pages/terms-and-conditions shall control and supersede any such inconsistency, conflict or ambiguity.