Privacy Policy

Last updated: August 7, 2025

This Privacy Notice for Crosscheck Technologies Inc. (“we,” “us,” or “our”) describes how and why we might collect, store, use, and/or share (“process”) your personal information when you use our services (“Services”), including when you:

Visit our website at https://crossxcheck.com, or any website of ours that links to this Privacy Notice.

Use Crosscheck, our platform for supply chain compliance automation.

Engage with us in other related ways, including any sales, support, marketing, or events.

Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at privacy@crossxcheck.com.

This summary provides key points from our Privacy Notice, but you can find out more details about any of these topics by using our table of contents below to find the section you are looking for.

• What personal information do we process?

• Do we process any sensitive personal information?

• Do we collect any information from third parties?

• How do we process your information?

• In what situations and with which parties do we share personal information?

• How do we keep your information safe?

• What are your rights?

• How do you exercise your rights?

1. What Information Do We Collect?

2. How Do We Process Your Information?

3. What Legal Bases Do We Rely On to Process Your Personal Information?

4. When and With Whom Do We Share Your Personal Information?

5. Do We Use Cookies and Other Tracking Technologies?

6. Do We Offer Artificial Intelligence-Based Products?

7. How Do We Handle Your Social Logins?

8. How Long Do We Keep Your Information?

9. How Do We Keep Your Information Safe?

10. Do We Collect Information From Minors?

11. What Are Your Privacy Rights?

12. Controls for Do-Not-Track Features

13. Do United States Residents Have Specific Privacy Rights?

14. Do We Make Updates to This Notice?

15. How Can You Contact Us About This Notice?

16. How Can You Review, Update, or Delete the Data We Collect From You?

In Short: We collect personal information that you provide to us and some that is collected automatically when you use our Services.

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products, participate in activities on the Services, or otherwise contact us.

Personal Information Provided by You. The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we collect may include the following:

• names

• email addresses

• job titles

• contact preferences

• contact or authentication data

Sensitive Information. We do not process sensitive personal information

Payment Data. If you choose to make purchases, we may collect payment data necessary to process your payment, such as your payment instrument number and associated security code. All payment data is handled and stored by Stripe. You may find their privacy notice here: https://stripe.com/privacy.

Social Media Login Data. We may also provide you with the option to register with us using your existing social media account details, such as your Google or Microsoft account. If you choose to register in this way, we will collect certain profile information about you from the social media provider, as described in the section called “HOW DO WE HANDLE YOUR SOCIAL LOGINS?” below.

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes.

In Short: Some information — such as your IP address and/or browser and device characteristics — is collected automatically when you use our Services.

We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (such as your name or contact information), but may include device and usage information, including your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical details. This information is primarily needed to maintain the security and operation of our Services and for internal analytics and reporting.

Like many businesses, we also collect information through cookies and similar technologies.

The types of automatically collected data include: log and usage data, device data, and location data.

In Short: We process your information to provide, improve, and administer our Services and Product, communicate with you, enhance security, and comply with legal obligations. We may also process your information for other purposes with your consent.

We process your personal information for a variety of reasons, depending on how you interact with our Services. These include facilitating account creation and authentication, delivering the Services to you, responding to user inquiries, sending administrative notifications, requesting feedback, sending promotional communications, identifying usage trends, and protecting individual or public safety.

In Short: We only process your personal information when we believe it is necessary and we have a valid legal reason (i.e., legal basis) to do so under applicable law, like with your consent, to comply with laws, to provide you with services to enter into or fulfill our contractual obligations, to protect your rights, or to fulfill our legitimate business interests.

If you are located in the EU or UK, this section applies to you.

The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on in order to process your personal information. As such, we may rely on the following legal bases to process your personal information:

• Consent

• Performance of a Contract

• Legitimate Interests

• Legal Obligations

• Vital Interests

In Short: We may share information in specific situations described in this section and/or with the following third parties.

We may need to share your personal information in the following situations:

• Business Transfers

• Affiliates

• Business Partners

In Short: We may use cookies and other tracking technologies to collect and store your information.

We may use cookies and similar tracking technologies (like web beacons and pixels) to gather information when you interact with our Services. Some online tracking technologies help us maintain the security of our Services and your account, prevent crashes, fix bugs, save your preferences, and assist with basic site functions.

We also permit third parties and service providers to use online tracking technologies on our Services for analytics and advertising, including to help manage and display advertisements, to tailor advertisements to your interests, or to send abandoned shopping cart reminders (depending on your communication preferences). The third parties and service providers use their technology to provide advertising about products and services tailored to your interests which may appear either on our Services or on other websites.

In Short: We offer features and tools powered by artificial intelligence and similar technologies.

As part of our Services, we offer products, features, or tools powered by artificial intelligence, machine learning, or similar technologies for supply chain compliance (collectively, "AI Products"). These features may assist with document classification, reporting, and identification of gaps in compliance documentation. These tools are designed to enhance your experience and provide you with innovative solutions. The terms in this Privacy Notice govern your use of the AI Products within our Services.

In Short: If you choose to register or log in using a third-party account, we may receive certain information about you.

Our Services allow you to register and log in using a third-party account, such as Google or Microsoft. Where you do this, we receive profile information like your name, email address, and profile photo. This information is used only for account access and authentication.

In Short: We keep your information for as long as necessary to fulfill the purposes described in this Privacy Notice unless otherwise required by law.

We will retain your personal information for only as long as necessary to achieve the purposes outlined in this notice, unless a longer retention period is required or permitted by law. No purpose in this notice will require us keeping your personal information for longer than the period of time in which users have an account with us.

In Short: We aim to protect your personal information through a system of organizational and technical security measures.

We implement appropriate and reasonable technical and organizational security measures to protect your personal data. However, no system is completely secure. While we do our best to protect your information, the transmission of personal data to and from our Services is at your own risk. You should access our Services within a secure environment.

In Short: We do not knowingly collect data from or market to children under 18 years of age.

If we learn that we have collected personal information from individuals under 18, we will deactivate the account and delete the data. If you become aware of such a case, please contact us at privacy@crossxcheck.com.

In Short: Depending on your region, you may have rights that allow you greater access to and control over your personal information.

In certain jurisdictions, such as the EEA, UK, Switzerland, Canada, or California, you have rights that include the ability to access, correct, delete, restrict, or object to the processing of your data. You may also request data portability or withdraw consent.

To exercise your rights, contact us using the details in the “How Can You Contact Us” section below.

Most web browsers and some mobile operating systems and applications include a Do-Not-Track (DNT) feature or setting you can activate. However, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT signals. If a standard is adopted, we will follow it and update this policy accordingly.

In Short: If you are a resident of California, you may have the right to request access to and receive details about the personal information we maintain about you and how we have processed it, correct inaccuracies, get a copy of, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law.

In Short: Yes, we will update this notice as necessary to comply with laws and reflect any changes to our practices.

We may update this Privacy Notice from time to time. The updated version will be indicated by an updated "Revised" date at the top of this Privacy Notice. If we make material changes to this Privacy Notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your information.

If you have questions or comments, you may contact our Data Protection Officer by email at privacy@crossxcheck.com, or by mail at:

Crosscheck Technologies Inc.

Attn: Data Protection Officer

111b S South Governors Avenue, Dover, DE, 19904 United States

Based on the applicable laws of your country or state of residence in the US, you may have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law. To request to review, update, or delete your personal information, please visit: crossxcheck.com. Also to do so, contact us at privacy@crossxcheck.com