Privacy Policy — Momentum Member Protection

Momentum Member Protection – MOXA/COVI Privacy Policy Instructions

Required Disclaimer

This platform is powered by Momentum Member Protection LLC. For more information about Momentum Member Protection’s privacy practices, please visit https://www.momentumvsc.com/ privacy

Additional Information: Overview of Common Data Categories Collected via MOXA/COVI

This section provides additional information about the types of personal information customers typically collect when using the MOXA and/or COVI platform. Customers are responsible for ensuring that the privacy policy posted on MOXA/COVI provides all necessary disclosures and notices under applicable law.

Categories of Personal Information Potentially Collected Via the Platform: • Contact information, such as name, mailing address, email address, and phone number.

• Account information, such as username and password created when users register for an account.

• Asset information, such as details about the asset for which a consumer wishes to purchase or has purchased a protection plan (i.e., year, make, model, odometer/hours, weight class, length, engine size, purchase price, line of business

(personal/commercial), intended use (rideshare), VIN and VIN-related data, information relating to a support or service issue, recall information, and warranty information).

• Warranty and claim information, such as details about asset warranties (i.e. purchase data, contract purchase price/payment, term, coverage level, deductible) or information about claims (i.e. claim data, claim number, details of claim, claim status, claim paid amounts and other claim related information).

• Preferences, such as marketing or communication preferences.

• Communications, such as information associated with inquiries submitted via the platform and any feedback provided.

• Payment information, such as bank account information or payment card data and billing address. Please note, third-party payment processors manage payments made via the platform, and Mometum Member Protection only retains the last 4 digits of the payment card and the expiration date.

• Lienholder Information, such as the lienholder name, address and phone number for any loan linked to the asset.

• Other personal information provided by users, such as during the registration process, when submitting a form, or otherwise through the platform.

Device information, such as IP address, computer and mobile operating system, mobile device ID, operating system type and version number, wireless carrier,

manufacturer and model, browser type, screen resolution, general location information such as city, state, or geographic area, and other device information collected automatically.

• Online activity information, such as linking pages, pages or screens viewed, time spent on a page or screen, navigation paths between pages or screens, information about activity on a page or screen, access times, duration of access, and other online activity information.

The platform uses cookies and similar technologies to help customers collect certain information automatically, such as:

• Cookies. "Cookies" are identifiers (text files) stored on the user’s local browser or hard drive that allow MOXA to recognize the user’s browser, store information or settings in the user’s browser, or provide certain information about website usage, such as how and when pages in the website are visited and by how many people

• Other technologies such as “log files,” "pixel tags" or "web beacons." When users access MOXA or COVI, the platform’s servers automatically record information sent from the user’s browser, which may include the device information and online activity information described above. In addition, MOXA may contain small electronic files known as web beacons (also referred to as “clear gifs,” “pixel tags,” or “single-pixel gifs”) that permit the platform, for example, to count users who have visited those pages and for other related statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

• Software Development Kits. Software development kits, or SDKs, are third-party computer codes used in connection with COVI for a variety purposes, including to provide analytics regarding the use of COVI, to integrate with social media, to add features or functionality to COVI, or to facilitate online advertising. SDKs may enable third parties to collect information directly via COVI.

Do Not Track:

Some browsers may be configured to send “Do Not Track” signals to the online services that you visit. The platform does not currently respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.