SHIFT PRIVACY & COOKIE NOTICE

Effective Date: February 27, 2018

This Privacy Notice (“Notice”) applies to all Personal Information (defined below) that is col-lected by Shift Media Holdings, Inc. and our affiliate and subsidiary entities MediaSilo, Inc. and I.O.W.A., LLC (“we,” “us,” or “our”) through our online properties (“Sites”) such as Wiredrive and MediaSilo.

The purpose of this Notice is to inform website users (“you” or “your”) what information may be collected from you when you visit the Sites, how the information will be used, with whom the information will be shared, your choices regarding the information, your ability to edit, update, correct or delete the information, and the security procedures that we have implemented to protect your privacy.

By visiting the Sites and providing your Personal Information to us, you consent to the terms of this Notice, which forms a part of the Terms of Use for the Sites. We reserve the right to amend or change this Privacy Notice at any time at our sole discretion. However, for changes that would materially degrade your privacy rights, we will provide you with the opportunity to review and opt-in to such changes.

1. ABOUT SHIFT

SHIFT gives individuals and teams from enterprise media companies, agencies and brands access to a secure ecosystem that embraces the unique needs of creators. For those in-volved in the lifecycle of creative content, SHIFT and its products and services provide an environment that is safe, scalable, inspiring, empowering and efficient.

Our leading collaboration platforms for creators and creative companies address video workflow issues, delivering tools that allow users to stay focused on creativity and content:

  • MediaSilo provides secure video collaboration tools and pre-release content delivery to the post-production market, including many of the largest media companies in the world.
  • Wiredrive is the industry standard for agencies, brands and creative professionals look-ing to review, curate, present and share creative work.
  • SafeStream is the first on-demand and real-time visible and forensic watermarking ser-vice providing turnkey tools for securing video content online.
  • Screeners.com provides a singular, secure, hassle-free destination for previewing pre-release content.

2. INFORMATION COLLECTED

a. Personal Information. In general, you do not need to provide us with any Personal Information in order to browse the Sites. However, you must provide Personal Information such as your name, email address, and other contact information, in order to create an online account with us. An online account is required to subscribe to our services provided through the Sites, including to view or edit content that is stored in the Sites.

  • MediaSilo collects the name, email address, and phone numbers (optional) of regis-tered users, and the email address and name (optional) of sharing recipients.
  • Wiredrive collects the name and email address of registered users, and the email ad-dress of sharing recipients.
  • SafeStream collects the name and email address of registered users. It does not direct-ly collect Personal Information of video viewers, but the visual watermarking infor-mation within SafeStream may contain Personal Information including name and email address of video viewers, in typical use.
  • Screeners.com collects the name and email address of registered users, both adminis-trators of the system as well as sharing recipients.

If you are applying for a job through the Sites, you may also choose to provide us with addi-tional information such as your employment status, employment history, and academic background. If you do not want to share your Personal Information with us, please do not submit it. Unfortunately, this means that you may not be able to fully enjoy the services you have requested.

b. Log Files, Research and Data Analytics. We may also gather certain information automat-ically, such as Internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), referring/exit pages, operating systems, date/time stamps, and/or clickstream data. We gather this information to provide our customers and registered users with detailed, user-specific activity reporting and audit trails; to better understand our clients and Site us-er-base; and to improve our services to you. In addition, we may conduct research on your demographics, interests, and behavior based on non-Personal Information usage data. This data may be compiled and analyzed on an aggregate basis and we may share the data with our service providers. Finally, we audit and monitor all information on the platform for se-curity reasons.

3. USE OF INFORMATION & CHOICE

a. If you choose to provide us with your Personal Information, we may use it for the following purposes:

  • (a) to provide you with the services you have subscribed to;
  • (b) to provide customers and registered users with detailed activity reporting on their content;
  • (c) to send you newsletters you have subscribed to on the Sites;
  • (d) to answer your questions submitted through the “Contact Us” feature of the Sites;
  • (e) to evaluate the quality of our services and to perform internal studies regarding our services;
  • (f) to recruit prospective employees who have applied for a job on the Sites;
  • (g) to enhance the operation of the Sites; and
  • (h) to serve you with content through the Sites.

b. We do not collect, use, or disclose your Personal Information in any ways or for any pur-poses that are materially different from those set forth herein. However, if we wish to do so in the future, we will always obtain your consent first, and offer you the choice to opt-out of such collection, use, or disclosure.

4. SHARING INFORMATION

We do not share your Personal Information with third parties except as described below and we will never sell, rent, or share your Personal Information for direct marketing pur-poses. However, to the extent we do share your Personal Information with third parties as permitted by this Notice, we still remain responsible for it. Furthermore, in cases of on-ward transfer to third parties of Personal Information of individuals received pursuant to the EU-U.S. and Swiss-U.S. Privacy Shield frameworks (as described in Section 10 below), Shift is potentially liable.

a. Shift Affiliates. We may share your Personal Information with our subsidiary, affiliate, and parent entities for the purposes described in this Notice.

b. Service Providers. We may share your Personal Information with contracted service pro-viders as necessary for us to achieve the purposes described in this Notice. These service providers are under a contractual obligation to use Personal Information only for the pur-poses for which they were hired and in accordance with applicable law.

c. Business Partners. We may share your Personal Information as part of joint marketing ef-forts with affiliates and third party business partners, consistent with the purposes de-scribed in this Notice.

d. Clients. If you are an end-user who uses the Services as part of your job with one of our clients, or who otherwise accesses the Services at the invitation of one of our clients, your name and email address may be shared with that client for purposes of validating your au-thorized use of the Services under their license.

e. Business Transitions. In the event we go through a business transition, such as being ac-quired by another company, or selling all or part of our assets, Personal Information will, in most instances, be part of the assets transferred. However, it will be subject to any pre-existing privacy notice unless the acquiring entity obtains your consent to additional uses.

f. Legally Required Law Enforcement, Judicial and Administrative Agency Disclosures. We will disclose Personal Information and related confidential information as necessary to comply with judicial orders, subpoenas, civil or criminal investigative demands, administra-tive and regulatory demands, and other legal obligations, if we believe in good faith that disclosure is necessary to comply with the law, to protect our rights, to protect your safety or the safety of others, or to investigate violations of applicable law.

5. COMMUNICATIONS

a. Newsletters. Site visitors may subscribe to newsletters that provide you with information about our services, by providing us with a valid email address. You may stop receiving these kinds of emails by clicking “unsubscribe” or by following the instructions in the footer of the email, or by submitting a written request to us at the contact information below.

b. Sales & Customer Service. We communicate with customers and interested individuals via email, regular mail, and telephone to provide requested services. You may ask to be re-moved from a mailing or calling list at any time by submitting a written request to us at the contact information below.

6. COOKIES AND TRACKING TECHNOLOGIES

a. Cookies. Cookies are text-only strings of information that that a website transfers to the cookie file of the browser on your computer's hard drive so the website can remember who you are. We may use cookies to recognize you when you return to the Sites in order to provide you with a better user experience. Most websites use cookies and cookies alone cannot be used to identify you. A cookie will usually contain the name of the domain from which the cookie has come, the "lifetime" of the cookie, and a value (usually a randomly generated unique number). We use two types of cookies on this website:

  • Session cookies - temporary cookies that remain in the cookie file of your browser until you leave the site. Session cookies are used to carry information across pages of the Sites so you don’t have to re-enter information in order to access areas of your account such as stored files.
  • Persistent cookies – cookies that remain in the cookie file of your browser for much longer (though how long will depend on the lifetime of the specific cookie). Persis-tent cookies are used to help us recognize you as a unique visitor when you return to our website. They also allow us to tailor content or advertisements to match your preferred interests or to avoid showing you the same adverts repeatedly. We also use persistent cookies to compile anonymous, aggregated statistics that allow us to understand how the Sites are used and to help us improve the structure of the Sites.

b. Third Party Cookies. We may allow third parties to use cookies on the Sites but we do not control the use or contents of third party cookies. Web browsers often allow you to erase existing cookies from your hard drive, block the use of cookies and/or be notified when cookies are encountered. If you elect to block cookies, please note that you may not be able to take full advantage of the features and functions of the Sites.

c. Web Beacons. Web beacons are images inserted in a webpage or email, which may be used to count the number of visitors to the Sites, monitor the behavior of the Site user, store the IP address of the user, store the duration of the interaction, and store the type of web browser that was used, among other information. We may use web beacons to im-prove user experiences on the Sites and learn more about our customers and visitors to the Sites. Web Beacons collect only limited information which includes a cookie number; time and date of a page view; and a description of the page on which the Web Beacon re-sides. Web becons do not contain any Personal Information.

d. Disabling and Enabling Cookies. You have the ability to accept or decline cookies by modifying the settings in your browser. However, you may not be able to use all the inter-active features of the Sites if cookies are disabled. Should you wish to be alerted before a cookie is accepted on your hard disk, guideline instructions follow below:

e. Deleting cookies. You can easily delete any cookies that have been installed in the cookie folder of your browser. Type "cookies" in the search box of the "Help" function of your browser for information on where to find your cookie folder.

f. Do Not Track Browser Requests. Web browsers often also allow you to send a “Do Not Track” request with your browsing traffic, which would enable anonymous browsing. Our service provider does not honor Do Not Track requests from web browsers.

7. DATA QUALITY, ACCESS & RECTIFICATION

We will make reasonable efforts to ensure your Personal Information is accurate and com-plete and we will update or correct your information as needed when notified by you. If you would like to request access to your Personal Information, request to verify your Personal Information, identify any inaccuracy in your Personal Information, or change your Personal Information in any way, please contact us. Residents of certain countries, including the Eu-ropean Union, may have the additional rights to request erasure of, restrict the processing of, or object to certain processing of your Personal Information, as well as to data portabil-ity, and to file a complaint with your local data protection supervisory authority. Please con-tact us if you wish to exercise these rights.

8. RETENTION

We will keep your Personal Information in active files or systems as long as needed to meet the purposes for which it was collected or to fulfill the other purposes outlined in this Notice.

9. SECURITY

We take reasonable administrative, technical and physical steps to ensure that your Person-al Information in our custody and control remains accurate, timely, and secure. Unfortunately, no data transmission over the Internet can be guaranteed as 100% secure and we cannot guarantee or warrant its security.

10. INTERNATIONAL TRANSFERS

The Sites are hosted in, and our Services are provided from, the U.S. Accordingly, by providing your Personal Information through the Sites, you consent to the transfer of your Personal Information from your country of residence to the United States. We may also en-gage service providers or business partners located in other countries, who may receive your Personal Information, all in accordance with this Notice and applicable law. Those countries may offer less privacy protection than your country of residence, and in certain instances your Personal Information may be accessible by foreign courts, law enforcement authorities and national security authorities in those countries.

11. PRIVACY SHIELD

Shift and our affiliate entities MediaSilo, Inc. and I.O.W.A., LLC comply with the EU-U.S. and the Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Information transferred from the European Union and Switzerland to the United States. Shift has certified that we adhere to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Securi-ty, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability with regard to all Personal Information received from the EU and Switzerland in reliance on the Privacy Shield. If there is any conflict between the terms in this Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Pri-vacy Shield program, and to view Shift’s certification, please visit https://www.privacyshield.gov. In compliance with the Privacy Shield Principles, Shift commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact us at our contact information below. We have further committed to re-fer unresolved Privacy Shield complaints to the International Centre for Dispute Resolution® of the American Arbitration Association® (ICDR/AAA), an alternative dispute resolution pro-vider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit the ICDR/AAA for more information or to file a complaint. The services of the ICDR/AAA are provided at no cost to you. In addition, in certain circumstances as a last resort, individuals may be able to invoke binding arbitration through the Privacy Shield panel. Lastly, Shift is also subject to the investigatory and enforcement powers of the Fed-eral Trade Commission, the Department of Transportation, and any other authorized U.S. statutory body.

12. THIRD PARTY LINKS

The Sites may contain links to or from other websites over which we have no control. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage users to be aware when they leave our Sites and to read the privacy notices of each and every website that collects Personal Information. This Privacy Notice applies solely to information collected by our Sites.

13. QUESTIONS AND COMPLAINTS

We take your privacy concerns seriously. If you believe we have not complied with this Notice, or you have any other questions, you may contact us at 374 Congress Street #506, Boston MA, 02110 USA, privacy@shift.io, +1 (617) 423-6200.

14. CHILDREN'S DATA

The Sites are not intended for minors and we do not knowingly collect Personal Information from anyone under 13 years of age. If you believe we may have collected Personal Infor-mation from your child on the Sites, please contact us and we will make reasonable efforts to delete the information from our records.

15. SENSITIVE DATA

We do not use the Sites to knowingly collect “sensitive data” such as that relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, current or future medical status, genetic information, labor union affiliation, or sexual orientation. If you be-lieve you have mistakenly provided us with any sensitive data, please contact us.

t>