Privacy Policy

Effective June 19, 2025

Please read this Privacy Policy carefully before using the AIIME website ("the Site" or "our Site"). As used in this Privacy Policy, "AIIME" means Neptune Technologies, Inc., www.aiime.com, all affiliates, and its in-application and web experiences (collectively "Company").

Our Company takes privacy and security seriously. This Privacy Policy outlines how our Company ("we," "our," or "us") processes, stores, transfers, and discloses the information we collect about you through our websites, mobile apps, and other online services (collectively, the "Services") and when you otherwise interact with us, such as through our customer service channels. Company collects or observes information through a variety of difference contexts and how we use, process, store, transfer, and disclose Personal Information varies based on the context through which it was collected.

1. INFORMATION WE COLLECT AND HOW WE COLLECT IT.

Information You Provide

We collect information you provide when you use our Services or otherwise engage or communicate with us as described below.

• Identity Data, such as your name, date of birth, marital status, social security number, biometric identifiers, and other data on government-issued identification documents;
• Contact Data, such as your email address, mailing address, and telephone number;
• Financial Data, such as your bank account and payment card details, and information about your income, account balances, financial transaction history, credit history, tax information, and credit scores;
• Profile Data, such as your username and password, your knowledge assessment results, your interests, preferences, feedback, and survey responses;
• Stored Content, such as photos from your mobile phone gallery or contacts stored in your mobile device or email accounts. We only collect this information with your permission; and
• Additional Data You Provide, such as via focus groups, survey responses, contests/sweepstakes, customer support, data you provide in memos when using our Pay & Request Service, or other means.
• Information you provide us when using our Pay & Request Service: Pay & Request Recipient Contact Information: In order to conduct a money transfer using our Pay & Request payment Service, we collect information (including the name and an email address or phone number) from you about the intended recipient of the payment you request us to make.
• Other Information You Provide: We collect additional personal information that you choose to provide to us, including your contact list information and photograph.

Categories Of Types of Personal Information and Types of Information Defined

"Personal Information" is information relating to, directly or indirectly, an identified or identifiable natural person or household. This includes things like your name, postal address, telephone number, and email address, as well as less obvious information, which are included in the following defined categories. We plan to collect, and have collected within the preceding 12 months, the following categories of Personal Information:

• Individual Identifiers: This includes information like your name, email address, physical address, telephone number, login alias, IP address or Other Information that identifies you regardless of your relationship to Company.
• Inferences: This includes customer profiles, usage preferences, or other information about an individual's anticipated or assumed actions or behaviors.
• Customer Records: This includes information like your company name, job title, account number, customer identifier, or Other Information that relates to you as a customer of Company.
• Education information: This includes information about your educational history, such as the schools you have attended, the courses of study you followed, the status of any required continuing education for professional licensing, or Other Information relating to your education.
• Commercial Information: This includes payment card data, financial account information, account information, records of products or services purchased, obtained or considered, or other purchasing or consuming histories or tendencies of the customer, and Other Information necessary to collect and process payment for products and services ordered by the customer.
• Electronic Network Information: This includes information like browser and device data, and internet or network activity information, such as activity on our Websites and Services, data collected through cookies, pixel tags and other technologies, and Other Information that is generated through your use of the internet to access our websites.
• Audio, electronic, visual, or similar information: This includes information that is captured on audio or video recording, such as if a telephone or video call is recorded, or simply observable in such interaction or in an Offline Context.
• Protected Class Information: This includes characteristics of protected classifications under California or federal law, such as sex, age, gender, race, disability, marital status, medical conditions, gender identity and expression, and military/veteran status.
• Professional and Employment Related Information: This includes your contact details, user name and password to be able to access the Careers Site where you can apply for jobs, and information about your current or past employers, memberships in professional associations or trade unions, and professional licensing status if you make such information publicly available in the context from which the Personal Information is collected, such as in your publicly available social media accounts, through a resume submitted to us, or by attending a professional event associated with an affinity group. This may also include your work authorization status, skills, information relating to references and any other information you elect to provide to us (e.g., employment preferences, willingness to relocate, current salary, desired salary, awards or professional memberships).
• Sensitive Personal Information Protected under Law: This includes characteristics of protected classifications under law, such as information about your age, race, ethnicity, religion, gender, gender identity, sexual preference, sex life, disability, political preference, trade union membership, philosophical views, religious beliefs, marital status, citizenship, immigration status, medical or health information, biometric information, biometric templates, veteran status, precise geolocation, background check information, judicial data or information on other judicial or administrative proceedings. This may also include an individual's social security, driver's license, state identification card, or passport number; account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account, or the contents of mail, email, and text messages unless we are the intended recipient of the communication. We may also collect other pieces of information of particularly sensitive nature, if you make such information publicly available in the context from which the Personal Information is collected, such as in your publicly available social media accounts, through a resume submitted to us, or by attending a professional event associated with an affinity group.
• "Other Information": means any information that does not reveal your specific identity or does not directly relate to an identifiable individual, such as: browser and device data, App usage data, data collected through cookies, pixel tags and other technologies, demographic information and other data provided by you that does not reveal your specific identity, or other types of information that has been aggregated in a manner such that it no longer reveals your specific identity.

Information We Collect Automatically

As is true of many digital platforms, we also collect certain information about you automatically when you use our Services, as described below.

• Usage Information: We collect information about your activity on our Services, which includes device identifiers (like IP address or mobile device identifiers), pages or features you use, time and date of access, and other similar usage information.
• Transactional Information: When you receive, submit, or complete a transaction via the Services, we collect information about the transaction, such as transaction amount, type and nature of the transaction, and time and date of the transaction.
• Location Data: We may collect the GPS location of your mobile device in accordance with your device permissions. You can stop the collection of this precise location information at any time (see the Your Control section below for details).
• Information Collected Through Tracking Technologies: We and our service providers also use technologies, including cookies and web beacons, to automatically collect certain types of usage and device information when you use our Services or interact with our emails. The information collected through these technologies includes your IP address, browser type, Internet service provider, platform type, device type, operating system, date and time stamp, a unique device or account ID, usage information and other similar information. For information about how to disable cookies, please see the Your Controls section below.

Information We Collect from Other Sources

We also obtain information about you from other sources as described below.

• Vendors and Business Partners: We collect information about you from companies that we do business with, such as name, contact data, inferences about your preferences and attributes, as well as inferred fraud risk, from identity verification and fraud prevention partners.
• Publicly Available Data: includes contact information, your interactions with our social media platforms, and other information from publicly available sources, such as public websites.
• Advertising Data: We collect information in connection with our ad campaigns that surfaced on other platforms, such as the ads you clicked on and other interactions with our ads.
• Data from other users: If you are in another user's contact list and they choose to share that list with us, then we will collect the contact information and your association with that user.

2. HOW WE USE YOUR INFORMATION.

Unless otherwise limited by the context in which it was collected, Personal Information collected by Company is used for our legitimate business purposes, including:

• For improving the content of the Company Platform, for example, by incorporating information that is relevant to our clients;
• For preventing fraud or other illegal activities, such as willful attacks on Company information technology systems or the Company Platform;
• For data analysis, for example, to improve the efficiency of the Company Platform;
• For audits, to verify that our internal processes function as intended and address compliance with legal, regulatory or contractual requirements;
• For developing new products and services;
• For enhancing, improving, or modifying our current products and services;
• For identifying usage trends, for example, understanding which parts of the Company Platform are of most interest to users;
• For determining the effectiveness of our promotional campaigns, so that we can adapt our campaigns to the needs and interests of our users;
• For operating and expanding our business activities, for example, understanding which parts of the Company Platform are of most interest to our users so we can focus our energies on meeting our users' interests.

Additionally, we use the information we collect for purposes described below or as otherwise described to you at the point of collection:

• Maintain and provide the Services, including to process account applications, authenticate your identity, repair our Services, support, process and record transactional information, and handle billing and account management;
• Send you transactional or relationship information, including confirmations, invoices, technical notices, customer support responses, software updates, security alerts, support and administrative messages, and information about your transactions;
• Communicate with you about offers and other things we think you will be interested in , such as newsletters, product announcements, partner offerings, surveys, contests or sweepstakes, events or announcements;
• Personalize our Services, such as by suggesting content or customizing content or ads we show you;
• Monitor and improve our Services, including analyzing usage, research and development;
• Help protect the safety and security of our Services, business, and users, such as to investigate and help prevent fraud or other unlawful activity;
• Protect or exercise our legal rights or defend against legal claims, including to enforce and carry out contracts and agreements; and
• Comply with applicable laws and legal obligations, such as compliance obligations associated with our broker-dealer Alpaca Markets. For further information on Alpaca Markets, please visit https://alpaca.markets.
• Market research, we may collect or otherwise observe Personal Information from individuals in the market research context, including Individual Identifiers, Inferences, Employment Records, Education information, Geolocation Data, Audio, electronic, visual, or similar information, Professional and Employment Related Information, Protected Class Information, and Sensitive Information Protected under Law.

3. DISCLOSURES OF INFORMATION.

We are committed to maintaining your trust, and we want you to understand when and with whom we share information about you. We share information about you in the instances described below.

• Authorized third-party vendors and service providers: We share information about you with third-party vendors and service providers who perform services for us, such as identification verification, fraud prevention, advertising, mailing services, tax and accounting services, contest fulfillment, web hosting, and analytics services. We use an identification verification service provider to determine whether a selfie you take matches the photo in your government-issued identification. With your consent, we may record your voice and send this data to our third-party partner to authenticate you and to help prevent fraud. The information collected from your photo and your voice by our third-party vendors may include biometric data.
• Companies in which you hold securities: Company may provide your name, address, email address, and securities positions to requesting companies in which you hold securities.
• Substantial corporate transactions: We may share information about you in connection with a substantial corporate transaction, a merger, consolidation, reorganization, financing, change in control or acquisition of all or a portion of our business by a third party, or in the unlikely event of a bankruptcy or similar proceeding.
• Legal purposes: We disclose information about you if we believe that disclosure is in accordance with, or required by, any applicable law or legal process or to protect and defend the rights, interests, safety, and security of Company, our users, or the public.
• With your consent: We share information about you for any other purposes disclosed to you with your consent.

We share information with others in an aggregated or otherwise de-identified form that does not reasonably identify you.

4. THIRD-PARTY TRACKING AND ONLINE ADVERTISING.

We use third-party advertising and analytics services to better understand your online activity and serve you targeted advertisements. Third-party companies collect information about your use of our Services and other websites and online services over time through cookies, device identifiers, or other tracking technologies. The information collected includes your IP address, web browser, mobile network information, pages viewed, time spent, links clicked, and conversion information. We and our third-party partners use this information to, among other things, analyze and track data, determine the popularity of content, and deliver advertisements targeted to your interests on our Services and other platforms, as well as to provide advertising-related services to us such as reporting, attribution, analytics, and market research.

5. YOUR CONTROLS.

Personal Information: Personal information may be accessed, changed/corrected, or deleted directly through the context it was collected. For example, Personal Information collected in the Products and Services context can be accessed, changed, or deleted through the features and functionality of the Products and Services, and Personal Information collected in the Interactions with Job Applicants context may be accessed, changed, or deleted through the job application tools. In the event, however, you cannot access, change/correct, or delete Personal Information through the context in which it was collected, or if you would like to restrict the use of your Personal Information, object to the processing of your Personal Information or request to receive an electronic copy of your Personal Information for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by applicable law), you may contact us at support@aiime.com or write to us at 4040 Del Prado Boulevard South, Cape Coral, FL 33904, or via our Site Feedback form. We will respond to your request consistent with applicable law.

In your request, please make clear what Personal Information you would like to have changed, whether you would like to have your Personal Information suppressed from our database or otherwise let us know what limitations you would like to put on our use of your Personal Information. For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to respond to your request as soon as reasonably practicable. We may exempt certain Personal Information from requests pursuant to applicable data protection laws or other laws and regulations.

Account profile: You can update certain account profile information by logging into your account. For example, you may choose to upload a photograph of yourself, but are not required to in order to use our services. You may also choose to update your username.

Access to your device data: You may disconnect our mobile app's access to certain stored device information through your device's settings. For instance, you can withdraw permission for the app to access your contact list or photo gallery.

How to control your communications preferences: You can stop receiving promotional emails from us by clicking the "unsubscribe" link in those emails. We may still send you service-related or other non-promotional communications, such as account notifications, receipts, security notices and other transactional or relationship messages.

Disabling certain data sharing: You can limit how we share your data with our marketing partners to market our Services more effectively to you across sites and apps. When disabled, we will no longer share personal information with these partners for these purposes.

Cookie controls: Many web browsers are set to accept cookies and similar tracking technologies by default. If you prefer, you can set your browser to delete or reject these technologies. If you choose to delete or reject these technologies, this could affect certain features of our Services. If you use a different device, change browsers, or delete the opt-out cookies that contain your preferences, you may need to perform the opt-out task again.

6. NOTICE TO CALIFORNIA AND VIRGINIA RESIDENTS.

This section provides additional details about the personal information we collect about California and Virginia residents and the rights afforded to them under the California Consumer Privacy Act ("CCPA") and the Virginia Consumer Data Protection Act ("VCDPA"). Please note that the CCPA does not apply to what is referred to as nonpublic personal information collected by financial institutions (like Company), as that information is subject instead to other financial privacy laws. Additionally, the VCDPA does not apply to any Company entities that are financial institutions. As a result, the CCPA and VCDPA do not apply to most of the information that Company collects.

Subject to certain limitations and exceptions, the CCPA and VCDPA provide California and Virginia residents, respectively, with certain rights. Depending on the state in which you are a resident, you may have the right to:

• Confirm whether Company processes your personal information;
• Correct inaccurate personal information;
• Request details (in a readily usable format) about the categories and specific elements of personal information we collect;
• Delete your personal information;
• Opt out of any sales, sharing, targeted advertising, or profiling for certain decisions (as these terms are defined in the CCPA and/or VCDPA); and
• Not be discriminated against for exercising these rights.

We collect the following categories of personal information: identifiers (such as name, email address and IP address), Internet or other electronic network activity information (such as engagement with promotional messages and ads), and inferences (such as gender, based on your first name). For California residents, the preceding list reflects Company's processing in the past 12 months.

California and Virginia residents may make a request to exercise rights under the CCPA and VCDPA, respectively, that are not otherwise exempt under applicable law. If you are a Company app user, a request may be made by logging into your Company account, navigating to the Security and Privacy menu, and selecting the option to either Download Personal Data or Request Data Deletion. You may also request assistance by sending an email to support@aiime.com or sending a physical notice to 4040 Del Prado Boulevard South, Cape Coral, FL 33904. We may verify the request by asking you to provide information that matches information we have on file about you. You can also designate an authorized agent to exercise these rights on your behalf, but we will require proof that the person is authorized to act on your behalf and may also still ask you to verify your identity with us directly. If you are a Virginia resident and Company is unable to satisfy your request to exercise a right available to you under the VCDPA, you are entitled to appeal our decision by emailing support@aiime.com or sending a physical notice to 4040 Del Prado Boulevard South, Cape Coral, FL 33904.

7. INTERNATIONAL USERS & GDPR

GDPR Rights

The GDPR is a law of the European Union (and set of rules some countries outside of the EU mirror) that gives individuals in Europe additional rights relating to the personal information collected about them. The main rights under that law are:

• Right to Access: You have the right to request Company to make copies of your personal data. You may be charged a small fee for this service.
• Right to Rectification: You have the right to request Company to correct any information you believe is inaccurate. You also have the right to request Company to complete any information you believe is incomplete.
• Right to Erasure: You have the right to request Company to erase your personal data, with certain exceptions.
• Right to Restrict Processing: You have the right to request Company to restrict the processing of your personal data, with certain exceptions.
• Right to Object to Processing: You have the right to object to Company processing of your personal data, with certain exceptions.
• Right to Data Portability: You have the right to request Company to transfer the data that they have collected to another organization, or directly to you, with certain exceptions.

These rights can be exercised by an individual in Europe or their designated agent such as an attorney or those in possession of a power of attorney.

Scope

The GDPR applies to personal data of citizens or residents of the European Union or the United Kingdom, such as those who interact with Company products and websites. "Personal data" is defined broadly in the GDPR and essentially encompasses any information that can be used directly or indirectly to identify an individual in Europe (or other non-EU state that adopted the provisions within GDPR). GDPR Article 4 defines "personal data" as any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. GDPR applies to personal data processed through purely automatic means or through non-automatic means.

Right to Access

In accordance with the GDPR requirements, European data subjects may contact Company to exercise their right to access the personal data that they hold about them as well as how the data was used, the categories and the identity of third parties with whom the data was shared, and the purpose(s) for the sharing of the information. They can do so by exercising that right via one of the other options identified in the Contact Methods section of this Notice.

European data subjects or their authorized agents who seek to exercise this right are subject to comprehensive verification to minimize any risk to individuals of sharing their person information with an unauthorized individual. Company will deny the request if it is unable to verify the requestor or the authorized agent.

Company can also deny the request if either company does not hold any personal data about the individual which falls within the scope of GDPR. This European Privacy Notice applies only to European data subjects and the scope of data covered by applicable European laws.

Right to Rectification

In accordance with the GDPR requirements, European data subjects may contact Company to change, correct, or add to the information they have about them if they think that the data they collected is incorrect or incomplete. Upon proper verification of the European data subject and proper request, Company will rectify the errors, if any. If the personal data was made public or shared with third parties, Company will make efforts to communicate to the third party the need to rectify the personal data. Upon completion of rectification, Company will contact the European data subject promptly.

Right to Erasure

European data subjects have the right to request erasure of their personal data and can make the request directly to us in his or her individual capacity or through an authorized agent. They can do so by exercising that right through one of the other options identified in the Contact Methods section of this Notice.

Company is not obligated to erase personal information if they are required or permitted to retain such information in accordance with one of the exemptions in the GDPR. Individuals who exercise their right to request deletion directly or through an authorized agent will be subject to verification in accordance with the GDPR requirements. Valid reasons for the erasure are:

• The personal data are no longer necessary in relation to the purposes for which they were collected;
• The European data subject withdraws consent;
• The European data subject objects to the processing;
• The personal data was unlawfully processed;
• There are existing legal obligations; or
• The personal data have been collected in relation to the offer of information society services.

When Company processes a request for erasure from a verified European data subject, they will delete the data from their systems in a secure and irreversible manner, to prevent the data from being restored. To the extent that Company have entrusted any of the personal data of the European data subject to a third party, they will also contact that third party to process the erasure request and will confirm to the European data subject or the agent that they have done so. If the data was made public, Company will take reasonably steps to inform other controllers of the data that the data subject has requested the erasure. Upon completion of erasure, Company will contact the European data subject promptly.

Right to Restrict of Processing

European data subjects have the right to restrict the processing of their personal data in order to effectuate other rights or to effectuate the right to restrict processing in and of itself. When the restriction is effectuated, Company will not process the personal data objected to with the exception of storage, only to be processed with the data subject's consent or for the establishment, exercise, or defense of legal claims, or for the protection on the rights of another natural or legal person. This right may be restricted further as the law demands. A European data subject who has obtained restriction of processing will be informed by the Data Protection Officer before the restriction if processing is lifted.

Right to Object to Processing

European data subjects may object, on grounds relating to his or her particular situation, at any time. At which point, Company will cease processing of personal data concerning him or her unless they can demonstrate compelling, legitimate grounds for the processing.

Please do note that Company may not adhere to objections to processing of data if the processing is necessary for the performance of a task carried out for reasons of public or national interest.

Right to Data Portability

European data subjects can request Company to transfer the personal data they have on them to the desired institution or person where technically feasible. Upon completion of transfer, Company will contact the European data subject promptly.

Response and Completion Times

Company will acknowledge, respond, and complete the requests to exercise the above Rights within one calendar month of receipt, and provide the information requested by the verified European data subject. If a reasonable delay is necessary, Company will contact the European data subject of the delay. The period may be extended up to two additional months if necessary to respond to the requests.

Exceptions to the Rights

GDPR provides certain instances when Company do not have to comply with a request to exercise GDPR rights. Such instances include: national security, defense, public security, the prevention and investigation of crime, protection of judicial independence and judicial proceedings, prevention, investigation, detection, and prosecution of breaches of ethics for regulated professions, enforcement of civil law claims, or other important objectives of general public interest.

Contact Methods

Company is an e-commerce entity with no physical storefront. They exclusively operate through their websites or other online methods, and they have direct relationships with their customers. You can email or mail them to exercise your rights. When you email your request, please write "My European Privacy Rights" in the subject field and identify as to who you are. Company is not responsible for notices that are not properly labeled or sent. When you mail your request, please write "My European Privacy Rights" on the header. If you believe Company is in breach of GDPR, you may contact your proper Commission.

8. CHILDREN.

We do not knowingly collect or solicit any information from anyone under the age of 18 on these Services. In the event we learn that we have inadvertently collected personal information from a child under age 18, we will take reasonable steps to delete that information. If you believe that we might have any information from a child under 18, please contact us at support@aiime.com.

9. TRANSFER OF INFORMATION.

Our Services are currently designed for use only in the United States. If you are using our Services from another jurisdiction, your information may be processed in the United States or other countries that may not provide levels of data protection that are equivalent to those of your home jurisdiction.

10. CHANGES TO THIS POLICY.

This Privacy Policy will evolve with time, and when we update it, we will revise the "Effective Date" above and post the new Policy and, in some cases, we provide additional notice (such as adding a statement to our website or sending you a notification). To stay informed of our privacy practices, we recommend you review the Policy on a regular basis as you continue to use our Services.

11. HOW TO CONTACT US.

If you have any questions or comments about this Privacy Policy or would like to request information required to be disclosed under global privacy laws, please send us your questions and feedback. Please contact us at support@aiime.com or by sending a physical notice to 4040 Del Prado Boulevard South, Cape Coral, FL 33904.