Privacy Policy

GLOBAL PRIVACY NOTICE

As the leading provider of information, analytics, and online marketplaces to the commercial real estate industry, PAXIV, LLC and our affiliates (collectively, “PAXIV,” “we,” or “us”) respect your privacy and are committed to protecting your Personal Information. This Global Privacy Notice describes the types of Personal Information we collect and our practices for using, maintaining, sharing, and protecting it. It also describes the rights and choices you may have with respect to your Personal Information and how you may contact us about our privacy practices. Our privacy practices may vary among the countries in which we operate to reflect local practices and legal requirements, and specific privacy practices may apply to some of our products and services.

This Global Privacy Notice applies to the following websites and any associated PAXIV websites, products, services, and mobile applications (the “Services”):PAXIV.com. It does not apply to the collection and use of certain employment-related information. If you are a current or former PAXIV job applicant, employee, owner, director, officer, or contractor, please Contact Us for the appropriate policy.

When using our websites, you may choose to interact with features from third parties that operate independently from PAXIV, such as social media widgets and links to third-party websites. PAXIV has no control over and is not responsible for the privacy practices of such third parties. This Global Privacy Notice does not apply to the extent PAXIV does not own or control any linked websites or features you visit or use. We recommend that you familiarize yourself with the privacy practices of these third parties.

Table of Contents

1. Types of Personal Information

2. Collection of Personal Information

3. Use of Personal Information

4. Disclosure of Personal Information

5. International Transfer of Personal Information

6. Security of Personal Information

7. Retention of Personal Information

8. Manage Your Personal Information

9. Global Policy Notice Changes

10. 2FA SMS Privacy Policy

11. Contact Us

1. Types of Personal Information

“Personal Information” means any information directly or indirectly relating to an identified or identifiable individual. Examples of Personal Information PAXIV may collect include:
Payment information (credit card and other payment card information)
● Personal contact information (name, nickname, gender, mailing address, email address, phone number)
● Business information (office location, business contact information, department, job title/description, professional bio)
● Log-in credentials (username, password)
● Photographs and biometric data (facial geometry)
● Usage details (log-on activity, search terms, views, clicks, downloads, PAXIV-related preferences, leadsubmission information, cursor movement, scrolling activity and other related attributes)
● Technical details (IP address, geolocation information, cookie/session IDs, authentication information, browser type/version, operating system/platform)
● Any other information you or other PAXIV customers may upload or enter into to the Services

Service-Specific

PAXIV Information and Analytics Through our PAXIV information services and analytics services, we may additionally collect:
● Country code, location name, and contact ID
● Business history, investor type, prior companies, credentials, and phone call recordings
● Phone call and video conference recordings

California Residents

We collect Personal Information as defined by the California Consumer Privacy Act, which is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer orhousehold. Personal Information does not include de-identified or aggregate information, publicly-available information that is lawfully made available from federal, state, or local government records, and information covered by certain sector-specific privacy laws. PAXIV has collected the following categories of Personal Information about consumers in the 12 months preceding the date this Global Privacy Notice was last modified:
● Identifiers (e.g., real name, alias, postal address, unique personal identifier, online identifier, IP address, email address, account name, or other similar identifiers)
● Categories of personal information described in California Civil Code §1798.80(e) (e.g., signature, telephone number, bank account number, credit card number, debit card number, or other financial information)
● Commercial information (e.g., records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies)
● Internet or other electronic network activity information
● Geolocation data
● Professional or employment-related information
● Inferences drawn from other Personal Information (e.g., profile reflecting your preferences, characteristics, and behavior)
● Sensitive personal information, including: biometric information, precise geolocation, login credentials (username and password), and the content of messages sent through the Services

2. Collection of Personal Information

PAXIV may collect Personal Information using the following methods:
● Directly from you when you provide it to us (information you enter into web forms, participation in phone calls or video conferences, subscription agreements, and contracts or submit to the Services)
● Through your participation in surveys, promotions, and contests
● PAXIV’s internal customer relationship management system and databases
● From third parties, such as analytics and email marketing service providers
● Researching public websites where permitted by the Terms of Use (company websites, search engines, social media)
● Automatically through tracking technologies (cookies, web beacons, log files), including over time and across third-party websites or other online services For more information about how we use Personal Information collected through tracking technologies and the ways you may be able to manage it, see Use of Personal Information, our Cookie Policy, andManage Your Personal Information.

Service-Specific

PAXIV Email Advertising Products
● Marketing, Investment Development and Third Party Advertising: We collect Personal Information from individuals whose details are on our database and who are most likely to be either a commercial or private investor.
● Secondary Corporate Marketing: We collect Personal Information from individuals whose details are on our databases.
● Weekly Property Marketing: We collect Personal Information from individuals whose details are on our database and who are most likely to be either a commercial or private investor.
● Retail: We collect Personal Information from individuals whose details are on our database and who will be either commercial or private individuals. Privacy practices related to our marketplace are detailed in theMarketplace Global Privacy Notice. PAXIV Information and Analytics We may additionally collect Personal Information in the following ways specific to PAXIV Information and Analytics:
● Extracting information from past registrations
● For Personal Information about a user through agents, owners, property managers, developers, asset managers and architects; from clients or other contacts (including, among others, admins, colleagues, joint agents brochures) with updated contact information; search engine searches; or from a listing Broker’s website
● For Personal Information about corporate tenants and landlords, from corporate tenants, landlords, building managers, front desk/concierge, and neighboring tenants; LinkedIn or other social media (business Facebook page, Twitter); paid third-party providers; public and freely accessible databases such as statewebsites; published agent investment brochures and tenancy schedules; search engine searches; or from a corporate tenant’s or landlord’s website.

Biometric and Geolocation Information

Some areas of PAXIV Services may require you to opt-in to PAXIV collecting photos, facial geometry, and geolocation information from you when you log in to certain PAXIV Services. This information is used to authenticate you as the user of such Services, maintain a secure session, and detect potential abuse and fraudulent use of the Services. For example, PAXIV may scan and analyze a photo you submit to the Services to confirm your identity for security purposes each time you access the Services by using facial recognition technology to compare your photo to the most recent photo uploaded to your account. PAXIV will securely store this information on servers located in the United States, and this information will only be accessed by authorized PAXIV employees. We will retain biometric information until the initial purpose forcollecting or obtaining such information has been satisfied or within three years, whichever occurs first. If you have questions regarding PAXIV’s use of biometric or geolocation information, please Contact Us.

Children Under 16

PAXIV websites are not intended for children under 16 years of age, and we do not knowingly collect Personal Information from children under 16. If you are under 16, do not use or provide any information on this website or through any of its features, register, or make any purchases. If we learn we have collected or received Personal Information from a child under 16 without verification of parental consent, we will delete it. If you believe we might have any Personal Information from or about a child under 16, please Contact Us.

California Residents

PAXIV collects Personal Information from the following categories of sources:
● Directly and indirectly from you
● Other PAXIV customers
● Service providers, including data analytics providers
● Third parties, including advertising services and social media networks
● Consumer reporting agencies
● Companies with public websites
● Government entities

European Economic Area (EEA) and United Kingdom Residents

Where we need to collect Personal Information by law or under the terms of a contract we have with you and you fail to provide that information when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel a product or service you have with us but will notify you first.

3. Use of Personal Information

We may use your Personal Information for the following purposes:
● Communicating with you
● Providing you with the Services
● Authenticating use, detecting potential fraudulent use, and otherwise maintaining the security of the Services
● Developing, testing, improving, and demonstrating the Services
● Creating and maintaining a customer relationship management system, member directories, and invitation lists for PAXIV events
● Carrying out our legal and contractual obligations and enforcing our rights, including billing and payment processing
● Anonymizing and aggregating information for analytics and reporting
● Advertising, marketing, and selling the Services, including linking together or merging Personal Information with other Personal Information so that we may better understand your needs and inform you about our Services and those of our partners
● Short-term transient use, as defined in the California Consumer Privacy Act of 2018
● Any other purpose with your consent

Service-Specific

PAXIV Information and Analytics We may use Personal Information for the following additional purposes in connection with PAXIV Information and Analytics products:
● Populating and updating email lists
● Advising clients of PAXIV product enhancements and improvements
● Contacting users to collect listing, deal and other industry data on a monthly basis
● Entering details into PAXIV® where those details can be viewed by our subscriber base and used for marketing purposes
● Identifying trends, aggregating statistics, optimizing your use of the Services and providing a safer environment for purchasing in connection with your use of PAXIV.com and its related services
● Training and quality assurance PAXIV Applications Through PAXIV Applications, PAXIV stores information uploaded and entered into the applications by PAXIV customers for their own purposes (property records, tax documents, property and prospect contacts, listings, deal/lease information, free form notes, etc.) on behalf of PAXIV’s customers as a data processor.PAXIV uses this information for the purpose of interacting with current and prospective clients, tracking engagement, and for customer support activities.

Online Advertising

When you use the Services, we and third parties may use cookies and other tracking technologies to collect information, including Personal Information, to help us target content to you on the Services or elsewhere. This information may be associated with other information or combined with information from other sources, including information these third parties might track about your online activities over time and across the Internet. Third parties use this information to provide interest-based display advertising and retargeting on our behalf, which may include placing our advertisements on other websites you visit, including your social media accounts, or matching a cookie or device ID to your email address so we can send you promotional emails that may be of interest to you.
To make informed choices about targeted advertising, see our Cookie Policy and Manage Your PErsonal Information.

European Economic Area (EEA) and United Kingdom Residents

We rely on the following lawful bases to process your Personal Information for these non-exhaustive purposes:

Consent

We may obtain your consent to process your Personal Information in certain circumstances, which may include when we send you relevant marketing, you elect to receive information from us, or you contact us to register an interest in our Services or company. We may also rely upon our legitimate interest in developing our business as a basis for sending you marketing information and information about our Services (see below).

Performance of a Contract

We rely on this lawful processing ground when we process your Personal Information to perform a contract which we have with you, or when we take steps in anticipation of entering into a contract with you, for example in connection with the provision of our Services to you and the management of our relationships with third parties.

Compliance with a Legal Obligation

We rely on this lawful processing ground when we process your Personal Information to meet legal and regulatory obligations which apply to us.

Legitimate Interests

We rely on this lawful processing ground when we process your Personal Information to provide our Services, to respond to specific requests, to manage our business operations, to manage our relationships with you and with third parties in connection with our business, and when weprovide you with marketing information or other information in relation to our Services which we believe may interest you. If you wish to have more information regarding the legitimate interests assessments we have conducted in order to reach these conclusions, please Contact Us.

4. Disclosure of Personal Information

We may disclose Personal Information:
● To affiliates and other entities within PAXIV’s group of companies, distribution partners, other PAXIV customers, and service providers
● To third parties when you use a third party feature in our Services
● To enforce or apply our Terms of Use and other agreements or comply with any court order, law, or legal process, including government or regulatory requests
● To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of PAXIV’s assets
● To advisors, consultants, auditors, or similar professionals to assess our business, financial, and legal obligations or operations
● If we believe it is necessary to protect the rights, property, or safety of PAXIV or others
● For any other purpose disclosed by us when you provide Personal Information
● With your consent, such as when you choose to provide your information to third parties We may also disclose de-identified information without restriction. Note that if you make any Personal Information publicly available on the Services, anyone may see and use such information.

Service Providers

PAXIV retains third party service providers to assist us in our business. For example, we use service providers to assist with analytics, email marketing, payment processing, customer relationship management, and IT infrastructure and support. PAXIV may permit these affiliates and service providers to access your Personal Information in order to assist us in providing services; however, we contractually require these vendors to keepPersonal Information confidential and use it only for the purposes for which we disclose it to them.

California and Quebec, Canada Residents

PAXIV shares Personal Information with the following categories of third parties and has disclosed the following categories of Personal Information for a business or commercial purpose in the 12 months preceding the date this Global Privacy notice was last modified:

Personal Information

Third Parties

Identifiers

Service providers, including data analytics and advertising providers, operating systems and platforms, social networks, other PAXIV customers

Categories of personal information described in California Civil Code §1798.80(e)

Service providers, other PAXIV customers

Commercial information

Affiliates, distribution partners, other PAXIV customers

Internet or other electronic network activity information

Service providers, including data analytics and advertising providers

Geolocation data (e.g., IP addresses)

Service providers

Professional or employment-related information

Service providers, other PAXIV customers

Inferences

Service providers, including data analytics and advertising providers

Sensitive personal information, including biometric information, precise geolocation, login credentials, and the contents of messages sent through the Services

Service providers

PAXIV may also sell/share certain Personal Information. In the 12 months preceding the date this Global Privacy Notice was last modified, PAXIV sold:

● Identifiers (e.g., IP address and other online identifiers), Internet or other electronic network activity information, and commercial information (e.g., purchasing tendencies or records of products or services purchased or considered) to advertising providers for the purpose of advertising its Services
● Identifiers (e.g., name, email address), categories of personal information described in California Civil Code §1798.80(e) (phone number), and professional information (e.g., name, title, email address, business address) to other PAXIV customers for the purpose of making business contact information available through the Professional Directory feature

5. International Transfer of Personal Information

PAXIV is a global business. We may transfer your Personal Information to the United States, where we are headquartered, and to other countries which may not have the same privacy laws as the country in which you initially provided the information, but we will protect your Personal Information in accordance with this Global Privacy Notice, or as otherwise disclosed to you.

European Economic Area (EEA) and United Kingdom Residents

If you live in the EEA or the United Kingdom, we may transfer Personal Information to countries for which adequacy decisions have been issued, use contractual protections for the transfer of Personal Information to third parties, such as an intra-company agreement or the European Commission’s Standard Contractual Clauses or their equivalent under applicable law.

You may Contact Us to obtain a copy of the safeguards we use to transfer Personal Information outside of the EEA or the United Kingdom.

Canadian Residents

We may use service providers located outside of Canada, including, without limitation, in the United States of America, to process Personal Information, and may transfer your Personal Information to such service providers for this purpose. When your Personal Information is processed outside of Canada, it will be subject to the laws of the countries where the information is processed and may be accessible to law enforcement and national security authorities of those countries in accordance with their laws.

You mayContact Us to obtain information about our policies and practices regarding the use of service providers located outside of Canada.

6. Security of Personal Information

PAXIV implements security safeguards to protect your Personal Information.

We take steps to secure Personal Information through administrative, technical, and physical safeguardsdesigned to protect against the risk of accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use. For example, we encrypt payment card information in accordance with the Payment Card Industry Data Security Standard (PCI DSS) and store sensitive information such as biometric and geolocation data on PAXIV servers located in the United States with access limited to authorized PAXIV employees.

Unfortunately, we cannot guarantee the security of information transmitted through the Internet, and where we have given you (or where you have chosen) a password, you are responsible for keeping this password confidential.

PAXIV has designated a Cybersecurity Team to investigate and respond to all security issues and vulnerabilities regarding its offerings. You can contact this team at: SUPPORT@PAXIV.com.

7. Retention of Personal Information

PAXIV will retain your information only for as long as is reasonably necessary for the purposes set out on this Global Privacy Notice, for as long as your account isactive (i.e., for the lifetime of your PAXIV customer account), or as needed to provide the Services to you. If you no longer want PAXIV to use your information to provide the Services to you, you may close your account. PAXIV will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, enforce our agreements, and as otherwise described in this Global Privacy Notice. Please note that closing an account may not make your email address, username, or property name (if any) available for reuse on a new account. We also retain log files for internal analysis purposes. These log files are retained for a brief period of time, except in cases where they are used to protect the safety and security of the Services, to maintain and improve functionality of the Services, or to comply with legal obligations.

8. Manage Your Personal Information

You may manage your Personal Information by making certain choices. If you believe that any Personal Information you have provided to us is out-of-date or inaccurate, you may review and correct such information ifit is within your online account by logging in at any time or Contact Us. You may also have additional rights detailed below depending on where you live. As a security precaution, we may need to request information from you to help us confirm your identity when exercising a right related to your Personal Information.

Direct Marketing Opt-Out

If you no longer wish to receive direct marketing emails from PAXIV, you may click the “Unsubscribe” link in an email at any time. Depending on the Services, you may also be able to manage notification preferences in your account. Note that PAXIV may still contact you about the Terms of Use, Global Privacy Notice, or other legal notices, or in connection with providing you Services you have requested from us.

Tracking/Online Advertising Opt-Out

You may disable or delete browser cookies through your browser settings. Cookies are generally easy to disable or delete, but the method varies between browsers. To learnhow you can manage Flash cookies, visit Adobe’s Flash player settings page  . Flash player settings page. If you disable or delete cookies, or if you are running third-party software that intercepts or deletes cookies, please note that some parts of our websites may not work properly. You can opt out of third parties collecting your Personal Information for targeted advertising purposes in the United States or Canada by visiting the National Advertising Initiative’s (NAI)  opt-out page and the Digital Advertising Alliance’s (DAA)  opt-out page and in the EEA and United Kingdom by visiting The Programme’s  opt-out page. Our Services do not recognize  Do Not Track  signals.

California Residents

If you live in California, you have the right to:

(1) request that PAXIV disclose what Personal Information we collect, use, disclose, and sell;
(2) request deletion of Personal Information, subject to certain exceptions;
(3) request that PAXIV correct inaccurate or incomplete Personal Information;
(4) opt-out of the sale of Personal Information;
(5) opt-out of the “sharing” or disclosing Personal Information for the purposes of cross-context behavioral advertising, and
(6) not receive discriminatory treatment by PAXIV for exercising these rights.

Requests to Know You have the right to request that we disclose the following information:

● Specific pieces of Personal Information PAXIV has collected about you;
● Categories of Personal Information PAXIV has collected about you, disclosed about you for a business purpose, or sold;
● Categories of sources from which the Personal Information is collected;
● Categories of third parties with whom PAXIV shares or to whom PAXIV sells Personal Information; and
● The business or commercial purpose for collecting and selling and sharing Personal Information.

Opt-Out of the Sale or Sharing of Personal Information

You have the right to opt-out of the sale of your Personal Information. To make such a request, please Contact Usby email or visit Do Not Sell my Personal Information [hyperlink]. To opt-out of PAXIV sharing your Personal Information with third parties to advertise our Services, please additionally manage Tracking/Online Advertising Opt-Out [hyperlink] privacy controls.

Please click here [hyperlink]for statistics relating to California Consumer Privacy Act requests received by PAXIV brands under this Global Privacy Notice in the prior calendar year.

We do not have actual knowledge that we sell or share the Personal Information of consumers under the age of 16. We do not use or disclose sensitive personal information for purposes other than those specified in Cal. Civ Code § 1798.121.

Exercising Your Rights

To make a request, please Contact Us by email, call us toll-free at (407) 242-4321, or submit the request through your PAXIV account or our rights request web form [hyperlink]. In order to verify your request, PAXIV mayrequire you to provide additional information to confirm the identity of the consumer.

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal Information. To make a request on your behalf, an authorized agent may Contact Us by email with proof of your written and signed permission to do so. Note that PAXIV may also require you to verify your identity and confirm that you gave permission.

Shine the Light Request

California residents may also have the right to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please Contact Us.

Nevada Residents

Nevada residents may have the right to opt-out of the sale of Personal Information we have collected or will collect. To make such a request, please Contact Us.

Virginia Residents

If you live in Virginia, you have the right to:
(1) request that PAXIV disclose and provide a copy of what Personal Information we collect, use, disclose, and sell;
(2) request deletion of Personal Information, subject to certain exceptions;
(3) request that PAXIV correct inaccurate or incomplete Personal Information;
(4) opt-out of the sale of Personal Information;
(5) opt-out of targeted advertising;
(6) opt out of profiling in furtherance of decisions that produce legal or similarly significant effects about you, and
(7) not receive discriminatory treatment by PAXIV for exercising these rights. To make a request, or to appeal our decision regarding a previous request, please Contact Us by email, call us toll-free at (407) 242-4321, or submit the request through your PAXIV account or our rights request web form [hyperlink]. If you are appealing our decision, please submit your appeal by email referencing and/or attaching information to identify your original request. In order to verify your request, PAXIV may require you to provideadditional information to confirm the identity of the consumer.

European Economic Area (EEA) and United Kingdom Residents

If you live in the EEA or the United Kingdom, you may have the right to
(1) request access to, rectification, or erasure of your Personal Information or restrict the processing of your Personal Information;
(2) object to processing;
(3) data portability
(receive and transfer your Personal Information);
(4) lodge a complaint with a supervisory authority; and,
(5) where processing of your Personal Information is based on consent, withdraw your consent at any time without affecting the lawfulness of the processing of Personal Information that occurred before you withdraw consent. To make such a request, please Contact Us.

Canadian Residents

If you live in Canada, in addition to the other rights you may have hereunder, you may have the right to
(1)request access to, review and to correct inaccuracies or omissions in your Personal Information;
(2) to withdraw consent for collection, use or disclosure of, or to request deletion of, your Personal Information
(provided that, if you do so, we may no longer be able to provide services to you that rely on such Personal Information);
(3) to ask questions about our policies and practices, and to lodge complaints about our compliance with them with us or with regulatory authorities; and
(4) for Quebec residents, to request an electronic copy of the Personal Information you have provided to us in a structured and commonly used technological format.To make such a request, please Contact Us. We may require you to provide additional information to confirm your identity prior to carrying out any such request.

Australian Residents
Our Commitment to Your Privacy
At Paxiv, LLC, we are unwavering in our commitment to protecting your privacy.
Services Provider based in Australia, we strictly adhere to the Privacy Act 1988
(Cth) and the Australian Privacy Principles (APPs). This Privacy Policy clearly
outlines our approach to managing your personal information transparently and
responsibly.
Our core services involve providing advanced automated data solutions to industries
that rely on accurate and dependable information. Our activities include collecting,
aggregating, and verifying extensive datasets used specifically for:
●Know Your Customer (KYC) Services
●Identity Verification Services
●Fraud Prevention Services
●Risk Assessment Services
●Marketing Insights
●Social Media Profile Verification
●ID Document Verification Services
●Anti-Money Laundering & Counter Terrorism Financing (AML-CTF) Services
A core aspect of our operations involves leveraging data to strengthen real estate
analysis and locating proper ownership of real estate.
We remain firmly committed to protecting consumers’ personal information. Personally
Identifiable Information (PII) is handled securely and ethically, in accordance with the
highest industry standards. We are transparent about the personal information we
collect, the purposes for its use, its sources, and your rights, including the right to
request the suppression or deletion of your data where permitted by law.
Access to our data systems is strictly limited to entities that demonstrate a legitimate
legal and commercial purpose. Unauthorised individuals or organisations lacking a clear
and lawful justification are unequivocally denied access. All access to our data
environments is logged and maintained to ensure full regulatory compliance and
auditability.
Types of Information We Collect
At Paxiv, LLC, the collection of personal information is integral to the delivery of
advanced data solutions. The specific types of information we collect vary depending on
the dataset we are aggregating, purchasing, licensing, or verifying at any given time.
We may collect personal information including, but not limited to your Full name;
Gender; Age or age range; Residential address; Mobile and landline telephone
numbers; Email addresses; Social media profile details; Employment information; IP

address and geolocation data; Residential occupancy history; Consumer and
purchasing behaviour demographics. This list is indicative, not exhaustive, and reflects
the scope of our data aggregation, acquisition, and enhancement activities.
We are committed to handling personal information lawfully, ethically, and with due
regard to privacy. We affirm that we do not collect sensitive health or medical
information. All data collection is undertaken in compliance with applicable data
protection. Personal information is collected only for lawful purposes and is used solely
for the purposes for which it was originally collected, in accordance with the Australian
Privacy Principles and delivering our commercial solutions.
We do not knowingly collect personal information relating to minors. All datasets that we
purchase, license, or aggregate undergo a data cleansing process to identify and
remove records associated with individuals under the age of 18. In limited cases where
a minor may have used an adult’s contact details—for example, in an online competition
or a social media registration—such records are identified and immediately removed
from our systems and are not made commercially available.
All data partners are subject to a rigorous onboarding process to ensure they comply
with the Privacy Act 1988 (Cth).
Sensitive Information for AML/KYC Compliance
In accordance with the Privacy Act 1988 (Cth), ‘sensitive information’ includes data such
as racial or ethnic origin, political opinions, religious beliefs, sexual orientation, criminal
records, and biometric information. We collect sensitive information solely for purposes
directly related to our functions or activities, including but not limited to AML/CTF
compliance and identity verification. Such information is handled with the highest level
of confidentiality and security.
With your express consent, We may collect certain, sensitive personal information, to
meet or perform our obligations under Australian law, including the Anti-Money
Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act), and to facilitate
Know Your Customer (KYC) processes for identity verification and fraud prevention
purposes. In delivering these services, the types of sensitive information we may collect
include:
●Facial biometric information: We may capture your photograph or facial scan
to verify your identity against official government identification documents.
●Government identifiers: Information such as your driver’s licence number,
passport number, or Medicare number may be collected to verify your identity
through official government verification services. We will not adopt or use these
identifiers as our own internal identifiers.
Sensitive personal information will only be collected with your express consent, clearly
obtained at the time of collection through an explicit opt-in process. If you choose not to
provide consent for collection of sensitive information required for our AML/CTF and

KYC checks, we may not be able to provide our services to you or your customer. We
will not use sensitive information collected for AML/KYC purposes for marketing or
unrelated activities without your explicit consent. We also do not disclose sensitive
information to overseas recipients without your express consent.
How and Where We Collect Personal Information
At Paxiv, LLC, we are committed to transparency in how we collect personal
information. Our data collection practices are governed by the Privacy Act 1988
(Cth) and aligned with the Australian Privacy Principles.
We collect personal information through the following means:
Direct Collection from Individuals: We primarily collect information directly from you,
with your express or implied consent. At the time of collection, we provide clear
information on how your data will be used and obtain your authorisation before
proceeding.
Public and Partner Sources: We may collect personal information from publicly
available sources (e.g. public registries, online profiles) and from trusted commercial
partners. In such cases, we collect data with your consent or in circumstances where
you would reasonably expect your personal information to be collected for the stated
purpose.
Third-Party Verification Providers: Where we receive personal information from third-
party organisations (e.g. verification service providers, commercial data brokers, or
institutional partners), we require confirmation that:
●The information was collected in accordance with the Privacy Act 1988 (Cth).
●The third party is legally authorised to disclose the information to us.
●We are permitted to use the information for the purposes for which it was
provided and in connection with our business solutions.
Use and Disclosure: We use and disclose personal information only where permitted
by law and in accordance with the following principles:
●You have provided consent for the use or disclosure of your personal information.
●That consent has not been withdrawn or suppressed, either with Paxiv or its data
partners.
●The information is available from a public source and its use is consistent with
the reasonable expectations of the individual concerned.
●The information is used for the purpose for which it was collected, published, or
made available.
●The use or disclosure is required or authorised by or under an Australian law,
court order, or regulatory direction.

Due to the nature and volume of information obtained from public and third-party
sources, it may be impracticable for Paxiv to notify every individual at the time of
collection. In such instances, we ensure that:
●If we have not obtained information directly from you, and it is not impracticable
to do so, we will take reasonable steps to notify you as soon as practicable, in
accordance with our obligations under APP 5.
●Personal information sourced from the public domain is not used for direct
marketing communications unless expressly permitted.
●Such information is used strictly for identity verification, fraud prevention, risk
assessment, or analytical insight.
Why We Collect Personal Information and How We Use It
The personal information we collect supports the core operational and compliance
needs of our clients. Our use of such information is governed by the Privacy Act 1988
(Cth) and the Australian Privacy Principles. The primary purposes for which we collect,
use, and disclose personal information include:
1. Business Operations
We collect and process personal information to enable legitimate commercial functions,
such as:
●Preventing and investigating fraud
●Locating individuals for identity verification, skip tracing, and related processes
●Assisting authorised investigations by law enforcement agencies
●Delivering the products and services our clients require to meet their regulatory,
verification, and risk management needs
2. Provision of Enhanced Services
We offer a suite of advanced software-as-a-service (SaaS) and API-integrated
commercial products that facilitate:
●Real Property owner Identity and document verification
●Fraud prevention and mitigation
●Know Your Customer (KYC) due diligence
●Data enrichment
●Skip tracing and location services
●Consumer profiling and marketing segmentation (where permitted by law)
These services rely on the lawful use of personal information, collected directly or via
verified data partners, to enable our clients to perform their business activities efficiently
and in compliance with applicable regulations.
3. Regulatory Compliance and Public Safety

We support public and private entities in meeting statutory obligations, including those
under:
●The Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth)
●Commonwealth and State identity verification requirements
●Sanctions screening and politically exposed persons (PEP) checks
●Risk-based customer due diligence and AML/CTF reporting
Our services assist clients in meeting their obligations for safe, lawful, and transparent
engagement with individuals.
4. Controlled Access and Governance
Paxiv ensures that access to personal information is granted only to thoroughly vetted
commercial and government entities. All users of our services must demonstrate a
legitimate business need and satisfy due diligence criteria. We apply rigorous
compliance checks and adhere to our ISO27001-certified information security and risk
management standards to maintain the integrity of all data access.
5. International Data Provision (When Applicable)
In limited cases, we may supply global personal information obtained through a trusted
network of international, privacy-compliant third-party data providers. This occurs only
where it is relevant to:
●Verifying the identity or history of an Australian resident with offshore connections
●Identifying publicly available records related to individuals or entities outside
Australia as part of lawful skip tracing, fraud investigations, or social media
verification efforts
All international data sources used by Paxiv undergo a strict review to ensure
compliance with equivalent privacy, data handling, and cross-border transfer
obligations.
To Whom We Disclose Your Personal or Sensitive Information
Disclosure to Third Parties:
Paxiv, LLC discloses personal and sensitive information only in accordance with
the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and our ISO-
certified risk and compliance framework. We disclose information solely to vetted third
parties and enterprise customers for lawful, consented, and legitimate purposes. The
categories of recipients and circumstances of disclosure include:

1. Enterprise Customer Access: Disclosure of personal information to our
enterprise customers is subject to the following conditions:
●Consent-Based Use: Information is disclosed only for purposes for
which the individual has provided consent, or where the use or
disclosure is otherwise authorised by law.

●Commercial Supply: Access is facilitated via our secure SaaS
platforms and APIs, governed by the Australian Privacy Principles
and our published Terms of Use.
●Contractual Compliance: All customers must enter into binding
agreements that incorporate our data handling requirements,
permissible use conditions, and obligations regarding suppression
and deletion requests in our Terms of Use and Privacy Policy.
2. Third-Party Data Partners: We may share personal and sensitive
information with third-party service providers who assist in delivering our
solutions. These include, but are not limited to:
●Identity verification and document validation providers
●Regulatory compliance and AML/CTF technology partners
●Social media intelligence solution providers
●Government-accredited data sources (e.g. DVS, Death Check)
●All third-party providers are subject to stringent contractual
obligations, including confidentiality, information security controls,
and adherence to the Privacy Act 1988 (Cth) and the APPs. No
personal or sensitive information is sold to third parties for
marketing purposes under any circumstances.

3. Disclosure to Data Partners: In limited circumstances, we may disclose
personal information to approved third-party data partners for the purpose
of delivering integrated services, including:
●Identity and document verification (DVS)
●Social media profiling and intelligence
●Know Your Customer (KYC)
●Anti-Money Laundering/Counter-Terrorism Financing (AML/CTF)
compliance solutions
●These data partners are subject to formal onboarding, compliance
assessments, and continuous monitoring to ensure their practices
align with our obligations under the Privacy Act.

4. Legal and Enforcement Disclosures: We may disclose personal
information where required or authorised by:
●Applicable Australian laws or regulations
●Court orders or legal processes
●Requests from authorised law enforcement or regulatory bodies
conducting lawful investigations
●Any such disclosure is assessed on a case-by-case basis to ensure
that it is lawful, necessary, and proportionate.

How Secure Is Your Personal Information
At Paxiv, LLC, we understand the paramount importance of safeguarding your personal
information and data from unauthorised access. Here’s how we ensure the security of
your data:
●Regular Audits and Testing: We conduct regular audits and system penetration
testing to identify and rectify any potential vulnerabilities.

●Data Storage & Security: All personal and sensitive information collected by
Paxiv is stored securely on AWS servers located within Australia. We employ
advanced security measures, including encryption, firewalls, and intrusion
detection systems, to protect data from unauthorised access, disclosure,
alteration, or destruction. Regular security audits are to adapt to emerging
security threats.​
●Access Controls: We implement IP address access controls and Multi-Factor
Authentication (MFA) for all data services, providing an additional layer of
security.
●Encryption: All information, both in transit and at rest, is encrypted using
industry-standard secure encryption methods.
●Limited Access: Your personal information is only provided to those who require
access to perform their business functions. This may include users and
subscribers of our products and services, and any law enforcement agency to
whom we are required by law to provide your personal information.
●Policy Review: We regularly review this policy and assess our performance
against it to ensure we are meeting and continue to meet our obligations under
the Privacy Act 1988 Cth.
●Employee Training: All employees and agents of Paxiv are required to undergo
proficient training on data handling and the rules of disclosure under the
Australian privacy principles.
●Automated Security Systems: We have automated security and intrusion
detection systems in place, along with detailed event logging and automated
auditing systems, to further secure our systems.
Our data and compliance team are committed to maintaining the highest standards of
data security and privacy. We continually strive to enhance our security measures to
protect your personal information. Such security measures are comprehensively
detailed in our security control documents.
How We Maintain the Quality of Your Personal Information
Paxiv recognises the importance that any data information we hold is up to date and
accurate. The information we receive from the users of our products and services and
the data we collect as described throughout this policy, are subject to various
enhancements to ensure the information is as accurate as possible. Where updated or
enhanced information is available, we incorporate it into our datasets and products
without delay. We update our full universe dataset weekly, however, enhance and
append daily, through our highly advanced Pango data engine. Our automated systems
clean and repair all data records on delivery. The system removes all known bot
attributes and inappropriate filter block words. We then match, validate and enhance
with cross-referenced trusted and highly scored data records. This process utilises
numerous trusted datasets to validate and clean the data.
In addition to our internal processes, when utilising data from third-party we apply
stringent quality standards. Each third-party source undergoes a rigorous vetting and

auditing process. This ensures that their data quality aligns with our high standards,
guaranteeing the integrity and reliability of the information we use and provide.
Access to Our Data from Outside Australia
We place paramount importance on protecting consumer’s personal information from
unauthorised and unethical use. As an Australian company, we adhere strictly to the
Privacy Act 1988 Cth and our ISO27001 security compliance procedures. Here’s how
we manage international access to our data:
●No Foreign Access Without Consent: We do not permit access to our data
platforms from outside Australia unless prior written consent has been provided
and unless required for specific services.
●International Vetting Application: Any entity seeking access from outside
Australia must complete and receive approval through our rigorous International
Vetting application. This application records full identity particulars on the
organisation and person seeking access. It also provides for an assurance or
privacy warranty to be provided by the contracting parties responsible privacy
officer or managing director.
●Record Keeping: Approved applications are securely stored and can be
provided to relevant government bodies such as the OAIC, ACCC, or the ACMA,
should the need arise.
●Strict Consequences for Breach: Any unapproved attempts to access our data
systems from outside Australia is a breach of our Terms and Conditions and will
result in the suspension of the client account pending a full review. Misuse of any
of our data, whether within Australia or internationally, will result in immediate
suspension or cancellation of our services to the client.
●VPN Use: Customers using a VPN to mask their IP address will not be granted
access to our systems. For more details, refer to our Terms of Use. MFA and IP
restrictions are mandatory for any granted access.
When engaging in AML/CTF or Identity Verification processes, it may be necessary for
Paxiv to collaborate with international data partners. In such instances, we ensure these
partners are in full compliance with the Australian Privacy Act and Australian Privacy
Principles. For operations involving social media validations, the data shared is always
de-identified to protect individual privacy. Furthermore, for all other data-sharing
purposes, we ensure that all data information is securely encrypted during transit,
upholding our commitment to data security and privacy standards.
We are committed to protecting consumer’s right to privacy. No access to a company
outside of Australia will be granted unless we approve them and their use case for the
data. In such cases, we ensure that the overseas recipient adheres to privacy standards
equivalent to those under the Australian Privacy Act 1988 (Cth) and the APPs.
Email / SMS Data & Spam Act

Paxiv is committed to upholding the integrity of the data we provide and ensuring
compliance with the Spam Act 2003. We do not support any unauthorised practices that
could lead to spamming or unwanted contact for consumers.
When we supply mobile numbers or emails to our clients through any of our data
platforms, the client/user agrees not to use any third-party validator or ‘Pinger’ outside
of those supplied within our automated solutions. The use of unknown phone or email
validators can result in unwanted spam for consumers, which is something we actively
work to prevent.
If a client is found to be using a third-party service to validate or ‘ping’ email addresses
supplied by us, we will suspend or cancel their access in support of the Spam Act 2003
and the consumer’s right to privacy. Any misuse or harassment of consumers via SMS,
Telemarketing or email will also result in immediate suspension or cancellation of our
services to the client.
When a consumer is contacted by digital communication for marketing purposes, such
as Email or SMS, our clients must provide the option for the consumer to unsubscribe or
opt-out. Consumers have the right to request the client to add them to the opt-out
register database and cease contacting them. This action should be performed
immediately upon the opt-out request by the consumer for both the client’s and
consumer’s protection.
In addition to our existing practices, we conduct comprehensive vetting and auditing of
our clients’ use of marketing data. This process ensures that our clients clearly define
and adhere to the intended use of the marketing data we provide. We carefully verify
that their usage aligns with both the consent obtained from consumers and the
requirements of the Spam Act 2003. This proactive approach highlights our commitment
to responsible data management and compliance with relevant privacy and
communication laws.
For more information, please refer to our Terms of Use and Global Privacy Policy, and
ensure full compliance with the relevant Spam rules and regulations.
Complaints, Access and Corrections
Individuals have the right to access the personal information we hold about them and to
request corrections if they believe the information is inaccurate, outdated, or incomplete.
To make such a request, please contact our Privacy Officer noted below. We will
respond to access or correction requests within 30 days, in accordance with the Privacy
Act 1988 (Cth).
You will not be charged for making a request to suppress or remove your personal
information held by us. However, we may charge a fee to provide you with access to
your information to cover our administrative costs in some unusual cases. We will inform
you of the fee at the time the request is made, if applicable. Should you wish to gain

access to, correct, remove, or suppress your personal information, you may contact the
Privacy Officer as noted below:
ATTN: Privacy Officer
Paxiv, LLC
Email: PAXIVPrivacy1@Paxiv.com
If you would like us to update your information or believe that any of the information we
hold is incorrect, please let us know and it will be corrected or removed from our
database at your request. All requests for access and corrections including complaints
and suppression’s, will be handled expeditiously and in writing only, we do not under
any circumstances reveal any personal information over the phone or by email unless
we have identified you as the person to whom the record relates. We reserve the right
to deny any privacy requests where we cannot adequately identify you or request
further identity information.
We aim to resolve all privacy request issues within 30 days or sooner if practical. We do
not disclose, suppress or reveal personal information on any record over the phone and
will require our standard privacy forms to be completed. This is for the protection of the
individual, to ensure only they access their information. For clarity, where a consumer
wishes to discover the source of their personal information held by Paxiv, we will only
release their personal information on the sources directly to them or their appointed
legal representative and in writing only and where we have accurately identified them.
Our Privacy access process is restricted to the consumer in question and as such, we
cannot provide information to third parties and breach our internal compliance
procedures. We do not store any data you provide us in the Privacy form within our data
universe and it is only used for the purpose of identifying and suppressing your
information from further commercial use and actioning your privacy suppression
request.
Refusal to Complete Our Privacy Compliance Forms
You are welcome to choose not to complete our privacy compliance forms if you prefer.
However, without these forms, we won’t be able to share or confirm any details about
the record you’re enquiring about. To process requests such as suppressing, accessing,
or releasing your personal information, we need the forms completed and returned.
If you decide not to complete the forms, the only action we can take is to add the details
you provide to our suppression list (blacklist). This means that if we receive that record
in the future, it will be immediately flagged and prevented from being used. Additionally,
if the record is already within our data, it will be suspended from further use. This
suppression can only take place if the limited information you provide is enough for us
to identify and act on the record.
If you are not satisfied with the handling of your complaint by Paxiv, you have the right
to escalate the matter. You may refer your complaint to the Office of the Australian

Information Commissioner (OAIC). For further information or to lodge a complaint, you
can visit their website at https://www.oaic.gov.au or contact them directly on 1300 363
992. We encourage you to engage with us directly in the first instance, as we are
committed to resolving your concerns swiftly and fairly.
Data Breach Response
In the event of a data breach involving personal or sensitive information, Paxiv will
promptly assess the situation in accordance with the Notifiable Data Breaches (NDB)
scheme under the Privacy Act 1988 (Cth). If the breach is likely to result in serious
harm, we will notify affected individuals and the OAIC as soon as practicable, providing
details of the breach and recommended steps for protection.
Website Data Collection and Use
At Paxiv, LLC, we prioritise your privacy while navigating our website. Here’s an
overview of how we handle your data:
Data Collection: When you visit our site, we collect information through enquiry forms
and emails. This includes personal details provided by you and your IP address, which
our web server automatically recognises.
Purpose of Data Use: The collected data aids in identifying potential customers,
providing requested services, addressing inquiries, conducting customer and marketing
research, and informing you about our products and services. We ensure the security of
any financial transactions and do not store sensitive financial information.
Cookie Usage: Our website enhances your experience using cookies, small data files
stored on your browser. These cookies, categorised as Essential, Performance and
Analytics, and Advertisement and Targeting, serve various functions:
●Essential Cookies: Crucial for website functionality, ensuring proper operation.
●Performance and Analytics Cookies: Remember your past choices, enhancing
website interaction.
●Advertisement and Targeting Cookies: Anonymously track website usage,
pages visited, and links clicked for improved content relevance.
Cookies contribute to a more personalised, efficient, and secure browsing experience.
Most browsers accept cookies by default, but you can adjust your browser settings to
manage cookie preferences. Please note, disabling cookies may limit access to certain
website features.
Rest assured, all information collected is handled in accordance with our overarching
Privacy Policy, and we are committed to not selling your personal information or using it
beyond the stated purposes.

** The online web version of this document is always the most recent. It is the
responsibility of the company or individual relying on this policy to ensure that any
printed version of this Privacy Policy is the most recent version. Any printed version of
this document is superseded by this, our online digital version.**
Version 9.1.25 – 1 September, 2025

9. Global Policy Changes

This Global Privacy Notice may be updated periodically to reflect changes in our privacy practices.

We will post changes on this page and identify the date the privacy notice was last revised at the top of the page.If we make material changes to our privacy practices, we will notify you through a notice on the home page of the websites covered by this Global Privacy Notice. If a material change will apply to Personal Information we have already collected, including any new purposes for which the Personal Information will be used or disclosed to which you have not previously consented, we will additionally seek your affirmative consent.

10. Two-Factor Authentication (2FA)

To help protect your account and ensure secure access to the Services, PAXIV may offer or require the use of Two-Factor Authentication (2FA). When you enable or are enrolled in 2FA, you may be asked to provide a mobile phone number for verification purposes. By providing your phone number and opting into 2FA, you consent to receive text messages (SMS) from us containing authentication codes or login-related alerts.

These messages are strictly limited to security and account verification purposes and will not be used for marketing. Your mobile number will not be shared with third parties for their own marketing purposes. Standard messaging rates from your mobile carrier may apply.

If you no longer wish to use 2FA, or if you would like to update or remove your phone number from your account, you may do so through your account settings or by contacting us directly.

11. Contact Us

We have appointed a Privacy Officer and Data Protection Officer to investigate and respond to privacy issues and to be accountable for our compliance with this Global Privacy Notice.

Please submit questions, concerns, or requests to exercise your applicable rights to PAXIV by email toSupport@PAXIV.com.

You may also write to:

PAXIV, LLC. 1840 N Technology Drive, Springville, Utah 84663-4965 Attn: Legal Department

If you live in the EEA or the United Kingdom, PAXIV UK Limited is the entity responsible for the processing of your Personal Information. Please submit questions, concerns, or requests to exercise your applicable rights by email toSUPPORT@PAXIV.com.

or write to:

PAXIV, LLC. 1840 N Technology Drive, Springville, Utah 84663-4965 Attn: Legal Department

You may also make a complaint to your local data protection authority