Privacy Policy

1. Who We Are and Scope Of This Privacy Policy AXON Networks AXON Networks is a provider of a robust orchestration platform and a wide portfolio of next-gen high-speed routers that leverage the newest Wi-Fi technologies. Together, these technologies give ISPs the ability to manage and troubleshoot their networks in real time, and to deliver an outstanding customer experience (the “Services”). This Global Privacy Policy (hereinafter “Privacy Policy”) is designed to provide suppliers, employees, customers, end users, and visitors (our “Users”) with important information about the types of personal data AXON Networks and its affiliates (“AXON Networks,” “AXON”, “we,” “us,” “our”) collect from or about you and our practices for collecting, using, sharing, or processing of that data. AXON Networks is based in the United States of America, with affiliates in Denmark, Singapore, and Vietnam. This Privacy Policy addresses data collected by AXON Networks where we act as the controller or business, which includes data collected when you visit our webpage(s); visit our offices; register for or participate in our demonstrations, webinars, whitepapers, or contests; communicate with us; and download, access, or otherwise use our Services. This Privacy Policy does not apply in situations where we process personal data on behalf of our customers as a processor or service provider. If our customer provides you with access to our Services, your use is subject to our customer’s privacy and security practices. For more information relating to our customer’s privacy practices or to exercise your rights, please contact the customer directly.

2. What Personal Data Do We Collect At AXON Networks, we strive to limit the types and categories of personal data that is collected from and processed on behalf of our Users to include only data which is necessary to achieve the purpose(s) for which it was collected. We do not use personal data for additional purpose(s) which are incompatible with their initial collection. In other words, we have measures and policies in place designed to ensure that we only collect and process data from our Users that we believe is necessary to provide them with a world-class Service. Data We Collect Directly From You When you visit our website(s), interact with AXON Networks personnel, or use our Services, you may provide us with the following categories of personal data:

• Supplier and Customer Data. Your email may be needed to execute AXON Networks Services. However, you may also choose to provide identifiers such as first and last name or phone number to efficiently communicate with AXON in the provision of our Services or in the provision of services to AXON. Employee Data. Your personal information, and CV/Resume, and work-related history may be provided by you or collected by AXON Networks for the purposes of prospective and ongoing employment with AXON.

• Customer Content. Any files, documents, device logs, core dump files or similar data that you provide to us, as well as any other information you may provide to us in connection with your use of the Services, all of which is referred to as “Customer Content” in our terms of service.

• Webinars, Trainings, and Program Data. Data you provide to us when you request information; request support or technical assistance; or register for any of our demonstrations. This typically includes, but is not necessarily limited to, identifiers and employer information, such as, first and last name, a valid email address, company name, job title, phone number, and location.

• Support and Correspondence. Data you provide to us when you communicate with us by email, chat, and posts to social media pages, or another method. We process this data to respond to you and in the normal course of our business operations. You may also provide audio or video data when we record sales or support calls, with your consent.

• Feedback. Where you elect to provide us with feedback, which may include, but is not limited to, reviews or suggestions posted online (e.g. LinkedIn) or in our support platforms (e.g., JIRA or Confluence) or made in connection with surveys, market research, etc., we may use any applicable personal data provided with the feedback to respond to you. Data Automatically Collected When Using Our Websites Or Services

• Device and Usage Data (including Session, Location, and Usage data). When you visit our websites, we receive data that you or others voluntarily enter, as well as data that is automatically logged by the website (for example, IP addresses, location, language settings, and other diagnostic, troubleshooting, crash, and bug reporting data). We utilize this data to provide, operate, support the use of, and improve our Services.

• Cookies and Similar Technologies. Where applicable, if we are permitted to place cookies or contact you for marketing purposes, we may also use your personal data for purposes that are consistent and compatible with the original purpose of collection under the same legal basis or where your consent has been given. Note that we have made it easy for you to opt-out of receiving further marketing communications from AXON Networks at any time by contacting us at privacy@axon-networks.com. Data We Collect From Other Sources

• Social Media Integrations. Our websites include social media integrations to LinkedIn. If you use these features, they may collect your IP address or data about which page you are visiting on our site and may set a cookie to enable the feature to function properly. If you use these services, integrations, and features to authenticate your identity or pre-populate our sign-up or feedback forms, you direct these services to provide certain personal data with us such as your name and email address. You may be able to determine what you authorize those services provide us via your privacy settings of that service.

3. How We Use Your Data and Legal Basis AXON Networks processes personal data for the following purposes and relying on the associated legal basis: Purpose Description Legal Basis for Processing AXON Networks Employment Recruit, hire, and employ our personnel We process your personal data to confirm you legal ability to work in a given location, your fit against the requirements of the position, and provide benefits to you as an employee. Necessary for the performance of a contract or our legitimate interest to operate our Services AXON Networks Services Provide, operate, and support our Services We process your personal data to administer our Services and meet our obligations under the applicable Master Services Agreement, SOW, Product Schedule, or other executed contracts Necessary for the performance of a contract or our legitimate interest to operate our Services Address and respond to service, security, and We process your personal data if you contact us for support, to assist with responding to your inquiries Necessary for the performance of a contract or legitimate interest to fulfill your requests and customer support, and technical issues and use of the Services, and to address technical or security issues ensure Services meet customer expectations Improve our Services and enhance security of our users We process your personal data to identify usage trends and issues in order to optimize and improve the performance of our Services and research security threats and vulnerabilities to provide analysis and valuable insights back to our users Necessary for the performance of a contract or our legitimate interest to provide our Services and ensure our Services meet our customer expectations Maintain security, regulatory compliance, and to prevent fraud We process your personal data to detect, prevent, or otherwise address fraud, unlawful activities, comply with applicable law, or to address security issues Our legitimate interest to protect the integrity of the Services, AXON Networks, and its users Websites Maintain and improve our websites We process your personal data to operate, improve, and enhance our websites and provide you with information you access and request Our legitimate interest in providing a functioning website and content to our customers and prospective customers regarding our Services and related information. Manage marketing efforts We process personal data to respond to your requests for information Our legitimate interest in marketing and lead generation for our Services to the extent you provided your consent, where required by law. To exercise your rights, please refer to Section 9. Visits to our Offices, Webinars, and Demos Manage participation and attendance of demonstrations, training, and webinars We process your personal data to provision you access to, or allow you to participate in one of our online information sharing events Our legitimate interest in providing the webinar, training, demonstrations, or other programming; necessary for performance of a contract; or consent Register attendees and on-site visitors We process your personal data to register you and, where applicable, to complete associated nondisclosure agreements for security reasons Legitimate interest in protecting our employees, visitors, and information; necessary for performance of a contract; or consent Other and Communications Call recordings We process your personal data, including recording technical support calls, for training, quality assurance, and administrative purposes Our legitimate interest in maintaining quality customer service or consent To comply with applicable laws and administrative requests We process your personal data to comply with applicable laws and administrative or law enforcement requests, protect our rights and the rights of others, and to assert and defend against claims Necessary for compliance with a legal obligation or our legitimate interests of pursuing our legal rights and protecting our interests AXON Networks may aggregate your personal data in order to minimize the amount of personal data processed and for purposes listed.

4. Who We Share Your Personal Data With. We may share your personal data for the following reasons:

• With our affiliated companies and subsidiaries within the AXON Networks company group in order to operate our business and provide our services;

• With third-party service providers (such as IT and security service vendors, employee benefits providers, website hosting facilities, and email distribution services), contractors, and other third-parties we use to support our business. Such third-parties operate under appropriate confidentiality and data privacy obligations (only for the purposes identified in Section 3, “How We Use Your Data”);

• With specific partners that resell AXON Networks Services, to the extent you consent to such sharing (where required by applicable law); • If you are provided our Services by a AXON Networks customer, we may share your personal data with the affiliated customer responsible for your access to the Services to the extent this is necessary for verifying accounts and activity or investigating suspicious activity;

• With third-party social media networks, advertising networks, so that AXON Networks can market and advertise on those platforms;

• At your direction, with separate, specific notice to you, or with your consent; • In connection with a merger, divestiture, acquisition, reorganization, restructuring, financing transaction, or sale of all or substantially all of the assets pertaining to a product or business line;

• To courts or authorities or other third-parties if we believe disclosure is lawful, necessary or appropriate to detect, investigate, prevent, or take action against illegal activities, fraud, or situations regarding the safety or rights of AXON Networks, our employees, you, or others;

• To courts or authorities or other third-parties in order to enforce the terms of the contracts we have with you or your company; and • As required by law or administrative order, which includes responding to relevant government or regulatory requests. AXON Networks does not sell your personal data as that term is traditionally understood. However, under some US state laws, certain activities, including the use of third-party cookies may be considered a “sale” of your data. AXON Networks may share or disclose aggregate or anonymized data that does not identify an individual or a household.

5. How Long Do We Process Your Personal Data. We keep your personal data no longer than is needed for the business purposes for which it was collected (as outlined in Section 3) or as necessary to comply with our own legal and regulatory obligations. Unless requested sooner, we determine the appropriate retention period based on the length of time we have an ongoing relationship with you and reasonable time after which we may have a legitimate need to reference your personal data to address issues which may arise, whether there is a legal obligation to retain such records, and whether retention is allowed by applicable law.

6. Cross Border Data Transfers As a global organization, AXON Networks has international affiliates and subsidiaries, utilizes third-party service providers, and maintains a global infrastructure. Data that we collect and maintain will be transferred to and processed in the United States and other countries around the world. In cases of a transfer to “third countries,” which may be deemed to not provide the same level of data protection required by the European Commission or your applicable jurisdiction, AXON Networks applies additional safeguards, in accordance with applicable legal requirements, to ensure that the recipient provides an adequate level of data protection. For example, AXON Networks utilizes, as applicable and required, lawful data transfer mechanisms, including, but not limited to the European Union’s Standard Contractual Clauses (inclusive of any variations recognized in other regions of the world). AXON Networks’ privacy practices, as described in this Privacy Policy, comply with the APEC Cross Border Privacy Rules System (“CBPR”). The APEC CBPR system provides a framework for organizations to ensure protection of personal data transferred among participating APEC economies. AXON Networks’ privacy practices, as described in this Privacy Policy, comply with the APEC Privacy Recognition for Processors (“PRP”) system. The APEC PRP system provides a framework for organizations to ensure protection of personal information transferred among participating APEC economies.

7. Security AXON Networks has implemented a comprehensive information security program which includes appropriate technical and organizational measures designed to safeguard and protect your data. AXON Networks has been assessed by, and received validation from, independent third-party auditors against recognized security standards and controls. Additionally, AXON Networks uses a combination of geographically distributed hosting providers and facilities to help deliver sufficient service availability, uptime, and redundancy needed to provide our global user base with the best possible user experience.

8. Children’s Privacy AXON Networks’ webpages and Services are not intended for children. If you inform us or we otherwise become aware that we have unintentionally received personal data from a minor without a parent’s or guardian’s consent, we will delete this data from our records.

9. Your Rights Your Rights Certain jurisdictions impose legal requirements and afford privacy rights with respect to the processing of personal data. Depending on the applicable laws of your jurisdiction and the additional information included in the below regional supplements to this Privacy Policy, your rights may include the right to:

• Access to your personal data and right to know more about how we process your personal data;

• Rectify or correct personal data about you that is inaccurate, incomplete or outof-date;

• Erase or delete your personal data;

• Restrict or limit the processing of personal data;

• Object to the processing of your personal data;

• Opt-out of the sale or sharing of your personal data for advertising purposes;

• Not be subject to automated decision-making, including profiling, resulting in legal or similarly significant effects (please note that automated decision-making does not occur on our websites or in our Services); and

• Appeal a refusal to act on any of the above-mentioned rights (please see applicable instructions included in the refusal or submit the appeal to privacy@axon-networks.com with the subject “Appeal of Consumer Rights Request”). AXON Networks will not discriminate against you, deny or provide you with a different quality of service, or charge you differently for exercising any of your privacy rights, as required by applicable law. Exercising Your Rights To exercise any of the above-mentioned rights, please submit your request via e-mail to privacy@axon-networks.com. For security purposes, we will need to verify your identity by matching the identifying information you provide with the personal data we already maintain. At a minimum, we will ask for your name and email address. AXON Networks will never ask you for your passwords. We may contact you for additional information that would allow us to reasonably verify your identity or in order to sufficiently respond to your request. The information that we ask you to provide for verification purposes will depend on your prior interactions with us (e.g. if you are a current AXON Networks JIRA or Confluence User, we may verify your identity through our existing authentication practices) and the sensitivity of the personal data at issue. We strive to respond to all legitimate privacy requests within one month of receipt, but in any event within the time frames required under applicable law. Depending on the complexity and number of requests we receive, it may take more than a month. If we require more time to process your request, we will let you know. For your convenience, AXON Networks Users may update their information, change their settings, or exercise some of their rights from within the Services. If you wish to no longer receive marketing communications from us, you can opt-out of marketing emails by sending an email with the request to unsubscribe@axon-networks.com. Please note that where AXON Networks processes personal data on behalf of our customer, your use is subject to our customer’s policies and privacy and security practices. If our customer provides you with access to our Services, please submit your requests directly with our customer. If you submit your request to us, we will refer the request to our customer and will honor and support any instructions they provide us with respect to your personal data.

10. Changes We may update this Privacy Policy from time to time to reflect changes to our personal data handling practices or respond to new legal requirements. If we make any material changes to this Privacy Policy that have a substantive and adverse impact on your privacy, we will provide notice on our website. We encourage you to periodically review this page for the latest information on our privacy practices.

11. Contacting AXON Networks If you have any other questions about this Privacy Policy you may contact the AXON Networks Privacy Team by emailing us at privacy@axon-networks.com or write to us via postal mail at: Attn: Privacy Matters, c/o AXON Networks Legal, AXON Networks, 15420 Laguna Canyon Rd, Suite 150, Irvine, CA 92618. If you have any difficulties reviewing the contents of this Privacy Policy, you may also contact privacy@axon-networks.com if you wish to obtain a copy of this Privacy Policy in an alternative format.

12. European Economic Area, United Kingdom, and Switzerland Supplement The following information supplements the above Privacy Policy and applies to individuals from the European Economic Area (“EEA”), the United Kingdom (“UK”), and Switzerland. Data Controller AXON Networks EMEA (Svanevej 22, 2400 Copenhagen, Denmark is the controller for data collected in connection with your use of the Services if you live in the EEA, UK or Switzerland or visits to our offices in the EEA. For purposes of providing the Services, AXON Networks US HQ, AXON Networks EMEA, and AXON Networks APAC (contact information in Section 11) are responsible as joint controllers. The parties have jointly determined the means and purposes of processing. AXON Networks US is the controller for data collected in connection with visits to our webpages and registration for and participation in our webinars. For information on how to exercise your privacy rights, please refer to Section 9 of this Privacy Policy. For your convenience, your request will be handled centrally on behalf of the relevant controller. Legal Basis For Processing Personal Data We process personal data for the purposes described in Section 3 of this Privacy Policy, which also include the lawful bases. Your Rights As An EU, UK, or Swiss Data Subject As a data subject in the EEA, UK, or Switzerland, you have certain rights in relation to our processing of your personal data in accordance with applicable data protection regulations:

• Right to access (Art. 15 GDPR), right to rectification (Art. 16 GDPR), right to erasure (Art. 17 GDPR), right to restriction (Art. 18 GDPR), right to data portability (Art. 20 GDPR), right to withdraw previously given consent (Art. 7(3) GDPR).

• Right to object (Art. 21 GDPR). In certain circumstances (e.g., where the legal basis for processing is a legitimate interest or if we are performing direct marketing), you may object to continued processing for those purposes. If you do, we will re-evaluate our legitimate business interests and your data protection interests. We will only continue the processing activity if (i) there are compelling legitimate grounds for the processing that override your interests, rights and freedoms, or (ii) the processing is necessary to establish, enforce or defend legal claims.

• Right to lodge a complaint. We prefer to resolve any data protection concerns directly with you. However, you have the right to submit a complaint with a competent supervisory authority in the EEA, UK, or Switzerland where you reside, work, or suspect an infringement has occurred. You may find the contact details for the appropriate data protection authority here: https://edpb.europa.eu/about-edpb/about-edpb/members. If you would like to exercise your rights as a data subject, please refer to Section 9 of this Privacy Policy or reach us at privacy.emea@axon-networks.com for more information. For additional information from the European Commission concerning data protection and your rights, see: https://ec.europa.eu/info/law/law-topic/dataprotection/reform/rights-citizens_en.

13. California Supplement The following information applies to California consumers. The California Consumer Privacy Act (as amended by the California Privacy Rights Act) (“CCPA”) requires business to provide certain information to consumers. This includes the categories of personal information that we disclose for “business purposes” to affiliates, service providers, partners, or other third parties detailed in Sections 3 and 4 of this Privacy Policy. We disclose the following categories of personal data: • Identifiers; • Commercial information;

• Internet activity information;

• Geolocation data;

• Audio and visual information;

• Professional or employment-related information; and

• Inferences drawn from the categories of information described above. AXON Networks does not sell your personal information as that term is traditionally understood. However, under California law, certain activities, including the use of third-party cookies may be considered a “sale” of your data. Your Rights As A Californian Resident As a data subject in California you have certain rights in relation to our processing of your personal data in accordance with the CCPA. These include the right to know and access specific pieces of personal data that we process about you, right to request deletion of your personal data, right to request correction of your personal data, right to opt-out of sharing your personal data for advertising purposes, and right to nondiscrimination for the exercise of your privacy rights. If you are a California resident under the age of 18 years old, you may ask us to delete your data (please note that AXON Networks’ websites and Services are not intended for children). Your browser settings may allow you to restrict or block Cookies that are set by our website (or any other website on the internet). Your browser may include specific information on how to adjust your settings. Some internet browsers may also provide you with the ability to transmit “Do Not Track” signals or turn on Global Privacy Controls. Please see the California Privacy Protection Agency’s website at https://oag.ca.gov/privacy/ccpa for more information on valid Global Privacy Controls. If you would like to opt-out of sharing with other identifiers, please refer to Section 9 of this Privacy Policy. If you would like to exercise your rights, please refer to Section 9 of this Privacy Policy or reach us at privacy@axon-networks.com for more information. Authorized Agent You may designate an authorized agent to make a request on your behalf if:

• The authorized agent is a natural person or a business entity registered with the Secretary of State of California; and

• You sign a written declaration that you authorize the authorized agent to act on your behalf. If you use an authorized agent to submit a request to exercise your right to access or right to request deletion of your personal data, please have the authorized agent take the following steps in addition to those steps described above:

• Mail your written declaration authorizing the authorized agent to act on your behalf, certified by a California notary public, to Attn: Privacy Matters, 15420 Laguna Canyon Rd, Suite 150, Irvine, CA 92618 with an email cc: to privacy@axon-networks.com; and

• Provide any information we request in our response to your email to verify your identity. The information that we ask you to provide for verification purposes will depend on your prior interactions with us and the sensitivity of the personal data at issue. If you provide an authorized agent with power of attorney pursuant to Probate Code sections 4000 to 4465, it may not be necessary to perform these steps and we will respond to any request from such authorized agent in accordance with the California law.