Last Updated: December 3, 2023

At Ascent Advisory Group ("Ascent", "we", "us"), we respect the privacy rights and choices of our clients, partners, website visitors, and others who share information with us ("you" or "user"). This Privacy Policy explains how Ascent collects, uses, discloses, retains and protects the personal information we obtain about those we interact with, provide services to or have a relationship with.

What Personal Information We Collect:

We collect information you provide voluntarily when creating an account, purchasing or using our services, contacting us via phone/email/chat, participating in surveys, contests or events, applying for a job, etc. This may include:

• Identifiers: Name, address, date of birth, government IDs, Social Security number, driver's license details, passport details, email address, telephone number, social media handles, IP address, etc.

• Demographic data: Age, gender identity, veteran status, household/ marital status, citizenship status

• Commercial data: Billing/payment details, account/policy details, transaction information and history

• Professional, employment and education data: Job title, employer details, work history, professional background, education details

• Opinions/preferences: Product/service feedback, interests, preferences

• Audio/Visual data: Call and video recordings

We also collect data automatically as you use our website or services via cookies, web beacons, device/network data, location info, and similar technologies that provide insights on how you access and interact with our systems. This may include:

• Device data and IDs: Device type, identifiers, operating system version, browser type/version, language preference, WiFi info

• Usage data: Pages visited, content viewed, links clicked, user activity/behavior metrics (e.g. feature usage, clicks, mouse movements, scrolls)

• Access location data: Country, city, state

• Web activity data: Referring sites/urls, search terms used to reach our site

Sensitive Data: We do not intentionally collect sensitive data revealing health, sexual orientation, political or religious beliefs, genetic/biometric info, racial/ethnic origin, etc. If we become aware we have collected such data in error, we will delete it immediately.

Information from Third Parties: We may supplement data collected directly with demographic info, lead generation data, marketing data, publicly available social media data, and similar data from third party sources.

Why Ascent Needs Your Personal Information:

• We use your personal information lawfully and fairly for a variety of business purposes and activities, including:

• Delivering, improving, updating our services, website

• Sending service communications, invoices, notifications

• Completing transactions and orders

• Verifying identity

• Handling support, feedback and complaints

• Conducting research/analysis to improve our offerings

• Preventing fraudulent activity and monitoring/enhancing cybersecurity

• Performing compliance activities required by regulations

• Managing HR functions like recruiting, onboarding

• Other general business operations and due diligence

Who We Share Your Personal Information With:

We do not sell personal data to third parties for marketing or advertising. We only disclose data to external entities when necessary to fulfill business obligations or comply with laws and regulations protecting your rights. Parties that may access limited personal information include:

Service providers: Companies helping us with technology services, fraud prevention, marketing, analytics, storing/processing data, etc.

Successors: Parties involved if Ascent undergoes business transitions like a merger, acquisition, bankruptcy, reorganization, or sale of some or all company assets or subsidiaries.

Law enforcement/regulators/public authorities: Entities like law enforcement, regulators, courts, public authorities if compelled by subpoena, court order, regulators, or when we believe disclosure is needed to prevent harm or financial loss; protect our rights/property/safety; or respond to fraud/abuse of our services, website or other users.

Aggregate, De-Identified Information Sharing and Use

We may share or disclose aggregated information about users that does not identify individuals. We may use it improve our services, provide customization and personalized experiences, troubleshoot issues, communicate metrics to potential partners or clients, and for similar business-related purposes.

Your Rights, Choices and Opt-Out Options:

You can access, edit or delete information we have about you at any time by logging into your account or contacting us directly at the email provided below. We make good faith efforts to honor requests promptly, unless we need to retain information due to reasonable business needs like accounting, tax reporting, audits, compliance, fraud monitoring, troubleshooting, retention policies, etc.

You also have a right to:

• Know what personal data Ascent has about you

• Correct/update your information

• Object to certain uses of your data

• Withdraw consent for data processing provided previously

• Receive an electronic copy of personal data provided to us (data portability)

• File complaints regarding possible privacy right violations with your local data protection authority

To opt-out of any future marketing communications or newsletters, use unsubscribe links in emails you receive, update notification settings under your account, or contact us. While you can limit communications, we may still contact you occasionally regarding vital service updates, policy changes, account management purposes, etc.

Security Practices and Procedures

Ascent takes reasonable and appropriate security measures to protect your personal information against loss, misuse, unauthorized access or disclosure including administrative, physical and technical safeguards. While we work extremely hard to protect your privacy, no data storage system or transmission of information over the Internet can be guaranteed to be 100% secure.

Data Retention Practices

We retain personal data collected for the duration required to fulfill our contractual business purposes, comply with applicable laws and regulations like tax and financial reporting, carry out audits, monitor fraud, assertions of legal claims, etc. After that, we de-identify or aggregate the information when reasonable or delete unnecessary personal data at the earliest reasonable timeframe.

Transfer of Personal Data Outside Your Country

Ascent is headquartered in the United States with a global client base and international service providers. To conduct business, personal information we collect may be accessed, processed or stored globally by us, partners or services providers. We have safeguards in place intending transborder data flows comply with applicable laws. If you reside in the European Economic Area (EEA), United Kingdom or Switzerland, we rely on lawful data transfer mechanisms permitted under GDPR like Standard Contractual Clauses.

Privacy Rights of Children

Our offerings target business professionals and we do not knowingly collect or retain personal data from individuals under 16 years of age in the US (age of digital consent may differ globally). If we discover personal data from a child under the age of consent was collected without adult permission, we will take prompt action to remove it.

Updates to our Privacy Policy

We may occasionally update this Privacy Policy to reflect changes in data practices, privacy regulations and feedback from clients and others. Any material revisions will take effect once an updated version is accessible on Ascent properties. We will provide notification of major changes on our website banner, within emails or through other reasonable methods. Please revisit our Privacy Policy when you visit our site or use our services so you stay aware of how we collect and use personal data. Use of Ascent services or website after the revised Policy has been published means you accept the current version.

Have Any Privacy Questions or Concerns?

Please don't hesitate to contact our Data Protection Team anytime at privacy@ascentadvisory.com if you have questions, concerns or complaints related to how Ascent handles your personal information or about this Privacy Policy.