Privacy Shield Notice

Effective as of January 30, 2023

Fooji, Inc. ("Fooji "we", "us" or "our") complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred to it in the United States from the European Economic Area ("EEA") or Switzerland, respectively. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Shield Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, the Privacy Shield Principles and to view our certification, please visit www.privacyshield.gov. Fooji commits to subject to the Privacy Shield Principles all personal data that were received from the EU and Switzerland in reliance on the Privacy Shield.

Scope. This Privacy Shield Policy applies to personal data within the scope of our Privacy Shield certification, which covers personal data regarding individuals in the EEA and Switzerland that (a) we collect from visitors to our website ("Fooji User Data"), (b) we process from end users in connection with their participation in games, giveaways, and other online services we provide in conjunction with our customers under a service agreement ("Fan Data") or on behalf of our customers under a service agreement ("Customer Data"), and (c) we collect about our contractors (past or present) collected in the context of our relationship with them ("HR Data").

Data processed. The Fooji User Data that we collect, use and share is described in our Website Privacy Policy. The Microsite Privacy Policy for each applicable microsite describes our collection, use and sharing of Fan Data for that microsite. Fan Data we collect, use and share typically includes data such as contact details, data required for account registration, government-issued identification numbers (to the extent required for tax-related purposes when a fan wins a prize or other benefit over a certain dollar amount), social media posts and other user-generated content, communications (e.g., messages and feedback) and marketing data (e.g., engagement with our marketing communications), and certain device and online activity data. With respect to Customer Data, we process such data as a processor on behalf, and at the direction, of our customers, in which case, we do not own or control such Customer Data and our processing of such Customer Data is governed by our service agreement with our customer. Finally, the HR Data we collect, use, and share is described in our Applicant Privacy Notice for EEA Applicants.

Purposes of data processing. We collect, use, and share Fooji User Data, Fan Data and HR Data for the purposes described in the respective privacy policies referenced above. We process Customer Data as a processor at the direction of our customers to fulfill our contractual obligations to those customers and it is those customers who determine the purposes of data processing.

Inquiries and complaints. In compliance with the Privacy Shield Principles, Fooji commits to resolve complaints about collection or use of your personal information. If you are located in the EEA or Switzerland, you should first direct any inquiries or complaints concerning our Privacy Shield policy to privacy@fooji.com.

Fooji has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you did not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit the JAMS Privacy Shield Program for more information or to file a complaint. You may learn more about JAMS by visiting https://www.jamsadr.com/eu-us-privacy-shield. The services of JAMS are provided at no cost to you.

If the dispute involves HR Data, Fooji commits to cooperate with the panel established by the relevant EU data protection authorities or the Swiss Federal Data Protection and Information Commissioner, as applicable (collectively, DPAs) and comply with the advice given by such DPAs with regard to HR data transferred from the EU and/or Switzerland, as applicable in the context of the relevant relationship. Please contact us to be directed to the relevant DPA contacts.

If you are located in the EEA or Switzerland and neither Fooji nor our dispute resolution provider resolves your complaint, you may be entitled to invoke binding arbitration under certain conditions more fully described on the Privacy Shield website.

Third parties who may receive personal data. We may share Fooji User Data, Fan Data, and HR Data covered by this Privacy Shield Notice with third parties as described, respectively, in our privacy policies referenced above. We may share Fan Data and Customer Data regarding individuals in the EEA or Switzerland with certain third parties, including affiliates, service providers, business and advertising partners and professional advisors, our customers, third-party platforms that fans post to in connection with our campaigns, other users and the public (if you have made such personal data available publicly or to such other users), third parties in connection with a corporate sale, merger, reorganization, dissolution or similar event, for security, safety, fraud prevention and quality assurance purposes, and as required by law or legal process, or where we have a good faith basis for believing disclosure is required by law or legal process. To the extent provided under the Privacy Shield Principles, we remain responsible and liable under the Privacy Shield Principles if a third-party that we engage to process personal data covered by this Privacy Shield Notice on our behalf does so in a manner inconsistent with the Privacy Shield Principles, unless we prove that we are not responsible for the matter giving rise to the damage.

Legal Requests. We may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Your rights to access, to limit use, and to limit disclosure. Individuals in the EEA and Switzerland may have rights to access personal data about them, and to limit use and disclosure of their personal data covered by this Privacy Shield Notice. With respect to Fooji User Data, Fan Data and HR Data, you may request access to that data and request that we correct, amend, or delete it if it is inaccurate or processed in violation of Privacy Shield by emailing your request to privacy@fooji.com. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why subject to legal restrictions.

We process Customer Data only on behalf of our customers in accordance with their instructions. This means that if you wish to access Services Data and request that we correct, amend or delete it if it is inaccurate or processed in violation of Privacy Shield, you should contact that customer with your request. We will then help them to fulfill that request in accordance with their instructions.

U.S. Federal Trade Commission Enforcement. The U.S. Federal Trade Commission has jurisdiction over Fooji’s compliance with the Privacy Shield.