PRIVACY POLICY:

RoboForm is wholly owned and operated by Siber Systems Inc. (Siber),
a Virginia Corporation located at 3701 Pender Drive, Suite 400,
Fairfax, VA 22030, United States.

DATA WE COLLECT AND HOW WE USE IT:
Customer is identified on Order Form, which is filled out
by Customer when purchasing RoboForm products.

Personal data of Customers that purchase RoboForm licenses
is stored on Siber servers in the data center located in USA.

Siber collects Email, Phone Number, Full Name
for the purpose of account management and user support.

Siber collects Email, Phone Number, Full Name, Address and
Credit Card Number for payment processing: making purchases,
refunds and chargebacks, activation and reactivation of RoboForm licenses.

Siber collects Product Name, Full Name (as recorded in payment / license
management system), Order ID (as recorded in payment / license management system),
Email (as recorded in payment / license management system), Unique ID (GUID),
Computer ID (generated via one-way function from some of the computer attributes),
Disk ID (generated via one-way function from Disk ID of a system disk)
for license activation and periodic license check.

Siber collects Product Version, Internet Explorer Version, OS Version,
Full Name (as recorded in payment / license management system),
Email (as recorded in payment / license management system),
Product Executable Filename during product auto-update.
User needs to opt-in to use that option.

Siber only uses minimum of user data necessary to manage user account
or to process payment. No other information is collected.

HOW WE SHARE YOUR DATA:
Siber will not send personal data stored on Siber servers to other
companies or individuals, except for cases when sending of such data
is required by Siber business processes.

Siber discloses Email, Full Name, Phone Number and Address
to Stripe which is credit card processor. Siber may also disclose Email
and Full Name to MailChimp and IBM Watson for purposes of sending email.

MARKETING:
Siber will send infrequent product update newsletters and promotional offers
to the email and postal addresses stored by Siber, but Customer shall have
an option to unsubscribe from such email newsletters and offers.
Siber will also present infrequent offers of Siber and 3rd party software
on post-update web page that is shown when user installs new version of RoboForm.


FOR EU AND SWISS INDIVIDUALS:
PRIVACY SHIELD NOTICE FOR PERSONAL DATA TRANSFERS TO THE UNITED STATES

Siber complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy
Shield Framework as set forth by the US Department of Commerce regarding the collection,
use, and retention of personal information from European Union member countries
(and Iceland, Liechtenstein, and Norway) and Switzerland transferred to the United States
pursuant to Privacy Shield. Siber has certified that it adheres to the Privacy Shield Principles
with respect to such data. If there is any conflict between the policies in this privacy policy
and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall
govern. To learn more about the Privacy Shield program, and to view our certification page,
please visit https://www.privacyshield.gov/

With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks,
Siber is subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission.

Pursuant to the Privacy Shield Frameworks, EU and Swiss individuals have the right to obtain
our confirmation of whether we maintain personal information relating to you in the United States.
Upon request, we will provide you with access to the personal information that we hold about you.
You may also may correct, amend, or delete the personal information we hold about you.
An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data
transferred to the United States under Privacy Shield, should direct their query to jwalls@siber.com.
If requested to remove data, we will respond within a reasonable timeframe.

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share
your data with third parties other than our agents, or before we use it for a purpose other
than which it was originally collected or subsequently authorized.
To request to limit the use and disclosure of your personal information,
please submit a written request to jwalls@siber.com.

In certain situations, we may be required to disclose personal data in response
to lawful requests by public authorities, including to meet national security
or law enforcement requirements.

Siber's accountability for personal data that it receives in the United States
under the Privacy Shield and subsequently transfers to a third party is described in
the Privacy Shield Principles. In particular, Siber remains responsible and liable
under the Privacy Shield Principles if third-party agents that it engages to process
the personal data on its behalf do so in a manner inconsistent with the Principles,
unless Siber proves that it is not responsible for the event giving rise to the damage.

In compliance with the Privacy Shield Principles, Siber commits to resolve complaints
about your privacy and our collection or use of your personal information transferred
to the United States pursuant to Privacy Shield. European Union and Swiss individuals
with Privacy Shield inquiries or complaints should first contact Siber by email at
jwalls@siber.com or via post at
Siber Systems Inc - Privacy Officer
3701 Pender Drive, Suite 400
Fairfax, VA 22030
USA

Siber has further committed to refer unresolved privacy complaints under the Privacy
Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY
SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely
acknowledgment of your complaint, or if your complaint is not satisfactorily addressed,
please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and
to file a complaint. This service is provided free of charge to you.

If your Privacy Shield complaint cannot be resolved through the above channels, under
certain conditions, you may invoke binding arbitration for some residual claims
not resolved by other redress mechanisms.
See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction


** TERMS OF USE **

PERSONAL DATA IN ROBOFORM WITHOUT SYNCHRONIZATION:
NO TRANMISSION, NO RECOVERY.

All Password Data that Customer enters into RoboForm
is stored only locally on Customer's computer if Customer
does not use option to Synchronize with RoboForm Everywhere.
In this case RoboForm does not transmit any Password Data over the Internet.

However, if Customer or a program running on Customer's
computer causes RoboForm to fill an online form with such
personal data, then submission of this form will result
in this data being sent over the Internet but
this shall be deemed not to be caused by RoboForm.

Customer agrees that deletion or loss of Password Data entered
into RoboForm will cause irreversible loss of the said Password Data
and Customer accepts the risk of such loss.


PERSONAL DATA IN ROBOFORM WITH SYNCHRONIZATION:
DATA TRANSMITTED, RECOVERY POSSIBLE.

If Customer uses Synchronize with RoboForm Everywhere option then
Customer Password Data is stored locally on Customer Computer or
portable disk and on RoboForm Everywhere server.
If local copy of user data is lost, Customer may obtain
copy of this data from RoboForm Everywhere server.

However, availability of backup copy is NOT guaranteed
by Siber and Siber shall NOT be held liable,
if it cannot produce copy of Customer's RoboForm data.
Customer is hereby encouraged to keep multiple copies of
RoboForm user data on his/her computers, disks and devices.

Also in this case RoboForm shall transmit RoboForm Password Data
over the Internet, for the purposes of storing backup copy of
Customer RoboForm Password data on RoboForm Everywhere server and
for purposes of synchronization of said data between Customer computers
and mobile devices. Customer hereby authorizes such transmission.


ONLINE LICENSE ACTIVATION AND MONITORING:
Customer hereby agrees to Online License Activation and Monitoring
process for all RoboForm licenses (Personal, Family, for Business).
In this process RoboForm checks the validity of Customer's RoboForm license
by contacting the Siber server at *.RoboForm.com via the Internet
and sending data that uniquely identifies Customer's computer.
Customer also agrees that Online Activation and Monitoring
will be used to enforce provisions of this Agreement.

TRANSMISSION OF DATA IN AUTOUPDATE:
RoboForm automatically checks Siber's server www.RoboForm.com
for new versions and security patches approximately once a day.
If it finds a version that is newer than the version that is currently installed,
RoboForm will suggest that Customer upgrades to the more recent version.
The checking of new version results in various data related to computer
and license to be transmitted to Siber server and maybe stored on this server.
Customer hereby allows such data transmissions to occur.

ROBOFORM WEB SITE:
RoboForm web site may use cookies to track users and Customer agrees to that.
RoboForm affiliates and advertisers may also use cookies and Customer agrees to that.

RoboForm Web Site utilizes Google Analytics features, including Remarketing with
Google Analytics, Google Display Network Impression Reporting, and Google
Analytics Demographics and Interest Reporting and Customer consents to this.

Google provides a complete privacy policy and instructions on opting out of
Google Analytics here: https://www.google.com/intl/en/analytics/privacyoverview.html