Augeo Affinity Marketing, Inc. and its affiliated companies, including Augeo CLO, Inc. (collectively "Augeo") are dedicated to respecting and protecting your personal privacy. This privacy policy explains how we collect, share, use, and protect information when you visit or use any Augeo website or online platform, including this site.

Please read this notice carefully to understand what we do, and how we collect, share and protect your personal information. As you review this privacy policy, here are a few general principles to keep in mind:

• Our online services are not intended for children under the age of 13. We do not knowingly collect personal information from, or market our products and services to children under 13. Parents can contact our customer service department to access, change, or delete the personal information that has been submitted by a child. If we become aware that a child under the age of 13 has provided us with personal information, we will delete it.
• As a member or user of an Augeo product or service, we will use and share the information that we collect from or about you in accordance with the details below, which provide you with certain choices with respect to the use and sharing of your personal information.

Information we may collect

Personal Information

When you visit our websites, we may collect personal information from or about you when it is entered by you or sent to us, including but not limited to:

• Information you provide to us by completing forms on our website: For example, your name, contact, and address information, and any other information you may provide in the forms on our website;
• Information you provide to us by contacting us: Any personal information you may provide to us when you email or call us, such as name, phone number, employer, and any other details you provide in your communications. Augeo may also request your contact information for the purposes of having someone contact you for additional information, or in response to your request for information from us;
• Transaction information when you purchase products or services from us: For example, if you make purchases with your credit card, we may use your credit card information for shipping, billing, and credit card validation purposes;
• Login information, such as username and password, that you may use in connection with our Services;
• Information we may receive from your financial institution, such as payment card data and other transactional information;
• Information we may receive from your employer, such as credentials, employer identification information, and other information you have provided to your employer; and
• Information about your activity through our products and services, including your device information, such as your IP address, the type of device or browser you use, and your actions on the Site.

We may also receive information about your transactions directly from your financial institution in order to process your rewards or redemptions transactions.

Usage and Other Information

In addition to the personal information described above, we may collect certain information about your use of our online services. For example, we may log the IP address of the device you use to connect to our online service, the type of operating system and browser you use, information about the site you came from, the parts of our online service you access, and the site you visit next. We or our third-party partners may also use cookies, web beacons or other technologies to collect and store other information about your visit to, or use of, our online services. In addition, we may later associate the usage and other information we collect online with personal information about you.

Use of Information

We use the information discussed above in a number of ways, such as:

• Processing reward or redemption transactions;
• Verifying your identity (such as when you access your account information);
• Preventing fraud and enhancing the security of your account or our online services;
• Responding to your requests and communicating with you;
• Reporting program activities to our client program owners;
• Managing your program preferences;
• Performing analytics concerning your use of our online services, including your responses to our emails and the pages and advertisements you view;
• Providing you tailored content and marketing messages on behalf of our clients and partners;
• Monitoring our site or portal performance;
• Operating, evaluating and improving our business (including developing new products and services, improving existing products and services, performing data analytics, and performing internal functions such as accounting and auditing);
• Complying with and enforcing applicable legal requirements, relevant industry standards, contractual obligations and our policies; and
• For any other purposes that we may specifically disclose at the time you provide or we collect your information.

We may also use data that we collect on an aggregate or anonymous basis (such that it does not identify any individual customer, directly or indirectly) for various business purposes, where permissible under applicable laws and regulations.

Data Retention

We will hold your personal information on our systems for as long as is necessary to perform the relevant processing activity, or as long as is set out in any relevant contract you hold with us. This is a case by case determination that depends on things like the nature of the data, why it is collected, why it is processed, and relevant legal or operation retention needs. For example, we may retain your data for as long as you hold a rewards account so that we may process and fulfill your future award transactions. We may also be legally required to hold some types of information to fulfil our statutory obligations. We review our retention periods for personal information on a regular basis. When the relevant processing activity has been completed, we may destroy your data, or alternatively anonymize the data in such a way that you are not personally identifiable, either directly or indirectly.

Sharing of Information

Augeo may share the information we collect from and about you with our affiliates and other third parties to bring you a range of quality and reliable products and services designed to meet your needs. For example, we may share your information with:

• Augeo third-party service providers like merchandise reward fulfillment, travel fulfillment and mailing service suppliers;
• Augeo affiliated websites and businesses in an effort to bring you improved service across our family of products and services, when permissible under relevant laws and regulations;
• Other companies to bring you co-branded services, products or programs;
• Third parties or affiliates in connection with a corporate transaction, such as a sale, consolidation or merger of Augeo businesses; and
• Other third parties to comply with legal requirements such as the demands of applicable subpoenas and court orders; to verify or enforce our terms of use, our other rights, or other applicable policies; to address fraud, security or technical issues; to respond to an emergency; or otherwise to protect the rights, property or security of our customers or third parties.

Where appropriate, we will limit sharing of your information in accordance with the options you have selected.

We may share anonymous or aggregated information (such that it does not identify any individual customer, directly or indirectly) with third parties to help deliver products, services, and content that are tailored to the users of our online services and for other purposes. Otherwise, Augeo will never sell or rent any of your personal information, and we will never share your personal information publicly without your consent.

Understanding Cookies, Web Beacons and Other Tracking Technologies

We, our service providers, and other companies we work with may deploy and use cookies, web beacons, and other tracking technologies for various purposes, such as fraud prevention, monitoring our advertising, and assessing our marketing campaign performance. Some of these tracking tools may detect characteristics or settings of the specific device you use to access our online services.

"Cookies" are small amounts of data a website can send to a visitor's web browser. They are often stored on the device you are using to help track your areas of interest. Cookies may also enable us, our service providers or other companies we work with to analyze your use of our online services over time to customize your experience. Most web browsers allow you to adjust your browser settings to decline or delete cookies, but doing so may degrade your experience with our online services.

Clear GIFs, pixel tags, web beacons are typically one-pixel, transparent images located on a webpage or in an email or other message. These, or similar technologies may be used on our sites and in some of our digital communications (such as email or other marketing messages). They may also be used when you are served advertisements or you otherwise interact with advertisements outside of our online services. These are principally used to help recognize users, assess traffic patterns and measure site or campaign engagement. Our sites do not respond to Do Not Track signals.

Online Advertising

You may see advertisements when you use some of our online services. These advertisements may be for our own products or services, or for products and services offered by third parties. Which advertisements you see is often determined using the information we, our affiliates, service providers, and other companies that we work with have about you, including information about your relationships with us (e.g., types of accounts held, transactional information, location of activity). To that end, where permitted by applicable law, we may share with others the information we collect from and about you.

Linking to Third-Party Websites

Augeo may provide links to websites that are owned or operated by other companies ("third-party websites"). When you use a link online to visit a third-party website, you will be subject to that website's privacy and security practices, which may differ from ours. You should familiarize yourself with the privacy policy, terms of use, and security practices of the linked third-party website before providing any information on that website.

Transferring Your Information

Because Augeo is a US-based company, your information may be collected and processed in the United States. Additionally, as part of the products and services offered to you through our Site, the information which we collect about you may be transferred to, and stored in, one or more countries other than where you currently reside. For example, this may occur if any of our servers or third-party service providers are located in a country other than yours. These countries may have different data protection laws that are similar to your current residence. However, if we transfer your information in this way, we will put in place appropriate protection to make sure your personal data remains adequately protected and is treated in line with this Privacy Policy.

Basis for Processing - European Union Residents

Data protection law in Europe requires a "lawful basis" for collecting and retaining personal information from residents of the European Economic Area. Our lawful bases include:

• Performing the contract we have with you: In certain circumstances, we need your personal data to comply with our contractual obligation to deliver our services, and assist with any questions you may have.
• Consent: we may ask your consent to process your personal information in some situations.
• Legal compliance: Sometimes the law says we need to collect and use your data.
• Legitimate interests: This is a term in data protection law that allows us to process your personal information if we have a fair reason to use your data, and only if we do so in ways which do not hurt your interests and rights. We sometimes require your data to pursue our legitimate interests in running our business, including for delivering our services, fraud prevention, quality assurance, and marketing purposes, as long as our use of your data does not materially impact your rights, freedom or interests. This allows us to improve and develop the quality of the online experience we offer all our users.

Security

The security of your information is our top priority. We use physical, electronic, and procedural safeguards that comply with federal and international standards to protect and limit access to your personal information. Augeo also actively monitors our systems and your account for suspicious or fraudulent activity.

Managing Employee Conduct

Augeo has an absolute commitment to integrity, our related values and ethical standards, and the associated business conduct we expect from all our employees. These standards include specific guidelines about how employees must safeguard confidential information, including our customers' data.

Regulatory Compliance

Augeo maintains compliance with all required data protection regulations that apply to the information systems and data we collect. Augeo regularly validates its security, operational, and business practices, both internally and through third party audits.

Online Security

Augeo uses at minimum 128-Bit Encryption each time you access your account(s) and perform transactions on our portals. Look for the website URL to start with https:// or have a lock symbol, such as the one shown below:

Augeo regularly tests the web security of our sites and products.

As another security measure, Augeo enforces session timeouts after several minutes of inactivity on our sites and products. To ensure your security, in some cases we ask that you re-enter your User ID and password to resume your activity.

Fraud Monitoring

Augeo continuously monitors the registration, login, and activities of accounts to detect fraudulent or unauthorized use of your account.

What Can You Do To Help?

• Help protect yourself by keeping your operating system, browser, and anti-virus software up-to-date so you'll have the latest security enhancements.
• Regularly monitor your account for suspicious activity.
• Watch out for phishing emails. Use caution when opening links or attachments in emails that you are not expecting.
• Used strong passphrases and change them frequently.
• Use safe practices when on social media.

Please note that information you send to us electronically may not be secure when it is transmitted to us, depending on the systems and communication channels you use. We recommend that you do not use unsecure channels to communicate confidential information to us.

Controlling Your Personal Information

Below describes how and why Augeo processes and shares your personal information, and under which circumstances you can limit certain activities. Whenever we process your data for the reasons listed below, we will ensure that we always keep your personal data rights in mind.

Updating Your Information

Keeping your account information up-to-date is very important. You may review or update certain account information by logging in and accessing your profile, depending on the Augeo product or service portal used. If you cannot change the incorrect information online, or you prefer to request changes offline, please refer to the "Know Your Options" section below.

Know Your Options

Users or Site visitors residing in certain locations, including the European Union and California, may be afforded certain rights regarding their personal information. Except where an exception or exemption applies, these rights may include the right to: 1) request access to the information we have collected about you, as well as the right to review our data collection practices related to you, 2) request deletion of your personal information that we hold about you, 3) request correction of the data we hold about you, and 4) not to be discriminated against due to your exercise of any of the preceding rights. While these rights are not globally applicable, all of our customers are entitled to request access to the personal information that we hold about them. To ensure that your personal information is accurate and complete, please contact us through the email address below regarding any errors or updates affecting the personal information that we may hold.

You may request any of the above rights by sending your request to privacy@augeomarketing.com or by calling the toll-free call center number for your program. Residents of California may also designate an authorized agent to exercise certain privacy rights on their behalf, and should make any such request by contacting the above email address. To protect your privacy and security, Augeo may take reasonable steps to verify your identity before granting access to, correcting, or deleting data. We will generally respond to your request for information within 45 days, unless a longer response time is necessary, in which case, you will be advised accordingly. Please note that we may retain certain information as required by law or as necessary for our legitimate business purposes. If you have an applicable disability, you may also contact us at the above email address to request access to this Privacy Policy in an alternative format. We will reply as quickly as possible and inform you of the steps, if any, that have been or will be taken in order to address your concern or implement the suggestion.

Augeo has appointed a Data Protection Officer who is responsible for monitoring and ensuring compliance with this Privacy Policy, acting as a point of contact for data protection queries, managing Augeo's response to privacy-related incidents, and updating this Policy as necessary. If you have any privacy questions or concerns about how Augeo processes your personal data, please contact us by emailing privacy@augeomarketing.com, where you may exercise one or more of the below right. If you have contacted Augeo and have further questions about how to protect yourself, or if you have any concerns about how Augeo handles or processes your personal information, you may contact the data protection authority for your area:

• U.S. Residents: Visit the Federal Trade Commission Consumer Information website at www.ftc.gov.
• E.U. Residents: Visit the European Commission website at http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm , and find the data protection authority for your country.

Updates to this Online Privacy Policy

We may change this Online Privacy Policy from time to time. When we do, we will let you know by appropriate means such as by posting the revised policy on this page with a new "Last Updated" date. Any changes to this Online Privacy Policy will become effective when posted unless indicated otherwise. This Privacy Policy was last updated January 01, 2020.

Figg's commitment to data security

Our sites are tested and certified daily to pass the Hacker Safe Security Scan. We are enrolled in Trustwave's Trusted Commerce program to validate compliance with the Payment Card Industry Data Security Standard (PCI DSS) mandated by all the major credit card associations including: American Express, Diners Club, Discover, JCB, MasterCard Worldwide, Visa, Inc. and Visa Europe. And through Network solutions, we are validated for secure online transactions.