Baynote Service Privacy Policy (“BSPP”)

UPDATED – January 1, 2014

This notice describes the privacy policy and practices of Baynote, Inc. (“Baynote”) and describes how Baynote collects
and leverages user information collected from our corporate client’s website(s) and applications. The BSPP is
designed to assist Baynote clients in understanding how we collect and use the website and user information clients
provide to Baynote related to the provisioning of the Baynote service. Baynote’s clients have their own websites,
mobile sites, applications, touch points and their own privacy policies. Baynote is not responsible for the privacy
practices or the content of client websites, applications or touch points. The BSPP applies solely to the information
collected by the Baynote Service when website users visit our client’s website(s) and applications.

Baynote is a technology company that personalizes consumer experiences for users on our client’s websites and other
digitally enabled touch points (the “Service”). Baynote collects information about users as they visit our client’s websites
enabling the client to deliver engaging experiences on their websites, emails, text messages, mobile sites, mobile
applications, tablet sites, tablet applications, and in other digitally enabled touch points such as kiosks, chat, or call center interactions.

Baynote leverages website user information to deliver personalized and relevant product and content
recommendations, to reorder onsite search results, and to deliver client specific offers. These personalized interactions
make it easier for website users to find what they are looking for, discover new and interesting products and generally are
valuable for website users. Baynote supports SSL encryption for all external communications to ensure information
security and integrity.

Information Baynote collects

The Baynote Service may collect any or all of the following information from website users on our client’s touch points:
1. The search terms and keywords used to find the client website. (Typically entered into a search engine like Google,
Bing or Yahoo);
2. The search terms or keywords used while on the client website. (Typically entered into the website search box
located on the client website);
3. The client’s product or content items clicked on and viewed on the client website along with other client website
navigation data, including following links from the client website to URLs within and outside of the client website,
and any browser action that can be triggered by clicking on a link, including script activations, email actions and
form posting;
4. The client’s product or content items placed in groups such as favorites, wish lists or registries;
5. The client’s product placed in shopping carts or purchases;
6. Additional information is collected by Baynote that is automatically provided to the website user’s computer browser
including the IP address, date and time of a user session and browser type;
7. Various browser and server dates and times including page load, recommendation request, link click, page exit and
durations computable from the collected dates and times.
8. Baynote may leverage website user’s IP address, or some other device specific enabled location service, to provide
the website user’s approximate location; and,
9. Where our client’s privacy policy allows the sharing of such information, Baynote’s clients may also provide known
user or anonymous user information such as purchase history, segment membership, location or other related
attributes.

Baynote does not collect or store any sensitive or personally identifiable information such as the website user’s
name, email address, home address, phone number, credit card numbers or social security numbers.

Cookies and Image Tags

The Baynote Service uses industry standard cookies and image tags to collect website user information on our client’s
websites. These standard technologies allow for the exchange of information between the website user’s browser and the
Baynote Service. The Baynote Service allows our clients to use first-party cookies instead of third-party cookies, helping
make the website user comfortable about avoiding browser-level information integrity issues.

Persistent and Session Cookies

The Baynote Service uses two kinds of cookies called session cookies and persistent cookies. A session cookie is
created when a website user arrives on a client website and expires when the website user closes their browser after
viewing the client website. A persistent cookie is also stored on the website user’s hard drive for a period of time. The
Baynote Service may store information about the website user’s browsing history while on the client website or other
client website information in a persistent cookie.

Disabling or Removing Cookies (“Do Not Track”)

Website users can disable or delete the Baynote Service cookies from their computer by following the directions in the
help area of the website user’s browser. While the Baynote Service may use cookies to help personalize the website
user’s experience on the client website, the Baynote Service is still able to personalize the website user’s experience
without cookies. When cookies are disabled or deleted, the Baynote Service uses different personalization approaches
that do not require a cookie.

How the Baynote Service leverages website user information

The Baynote Service uses anonymous website user information collected to personalize our client’s website user
experience and to apply that collective intelligence to personalize the client website experiences for other client
website users. The Baynote Service may associate the client’s website user information with an anonymous user
identifier. This identifier is also associated with the persistent cookie that is placed in the website user’s browser on
their computer. Website user information that is collected and stored as part of provisioning the Baynote Service is
shared only with the related Baynote client whose site or application the website user visited.

Website user information is observed by the Baynote Service’s analytics technology to help identify useful patterns of
behavior or connections. Patterns are formed when many website users exhibit the same types of behavior. The
Baynote Service’s analytic technology recognizes these patterns and uses recognition techniques to personalize
website user experiences including the following:

1. To show relevant client product or content recommendations on the client’s website, in email, chat or other digitally
enabled touch points;
2. To deliver relevant client offers;
3. To reorder client onsite search results to make them more relevant to client website users;
4. To create segments of visitors and to identify visitors as members of existing client segments or Baynote derived
segments that may be used to drive marketing or other client initiatives outside the Baynote Service.
5. To inform the client’s advertising partners about relevant client products or content that client website visitors may
be interested in; and,
6. To research and develop new website user personalization products, techniques, or technologies.

How long does Baynote keep website user information?

Baynote adheres to existing laws regarding information retention. Unless prevented by law, the Baynote Service
retains the anonymous website user information collected for as long it is relevant and meaningful to our clients in
delivering enhanced website experiences to their website users. Baynote will retain collected information as long as is
required to meet service agreements with our clients and as required by law or to protect Baynote’s rights or property.

How does the Baynote Service deliver personalized emails if the Service does not track website user email addresses?

The Baynote is not an email company or email service provider. Baynote clients have their own email applications or
service providers. The Baynote Service integrates with our client’s email systems and/or service providers. Baynote’s
clients maintain email addresses and systems. The Baynote Service delivers client recommendations or offers to the
email system or provider and the email system or service provider sends the emails.

How Baynote Protects your Information

Baynote takes reasonable measures to protect systems and information from unauthorized access or alteration,
disclosure, or destruction. Baynote’s production environment is located in a secure co-location facility, with accesscontrolled via two factor biometric authentication. Additionally, our network is protected in line with industry defense-indepth
best practices. Baynote also routinely performs security audits and reviews. No security system is 100% secure,
however. While Baynote has taken reasonable precautions to safeguard the information that we collect, we cannot
guarantee that it will not be accessed or disclosed either through the unauthorized acts of users of Baynote systems.

Information Sharing

Unless provided for in this Privacy Policy, Baynote does not sell, trade, rent or share any personal information about client
website users with third parties.

Advertising Partners

Baynote is not an advertising company. Baynote does not create, distribute, or deliver advertisements. We do, however,
work with partners who are advertising companies who create and deliver ads. We do not share any client website user
information with client’s advertising partners. Instead, the Baynote Service is able, at the client’s option, to share
recommended client products or content that website users are likely to be interested in. Client advertising partners use
this information to create and deliver relevant, targeted ads to website users. Any information about those website users
that is used to target the ads is part of client partner systems and is subject to their privacy policies.

Law Enforcement

The website user information that Baynote collects may be requested by law enforcement in connection with a legal
investigation. Baynote will comply with relevant laws, regulations, subpoenas or warrants. Baynote will protect and defend the rights and safety of Baynote, Baynote employees, clients, or other persons.

Anonymous Information

Baynote may share anonymous website information, aggregated across many users, or outputs of Baynote analytics
technology with clients, investors, prospective investors, business partners, marketing partners, or other third parties. This anonymous information includes how users of Baynote systems interacted with Baynote recommendations, offers and other services. This information does not identify any user or their responses to content or offers and cannot be used to identify a user or contact a user.

Baynote Website Privacy Policy

This notice describes the Website Privacy Policy of Baynote, Inc. (“Baynote”). By visiting www.baynote.com, you are accepting the practices described in this Website Privacy Policy, effective of as of January 1, 2014.

Our Website Privacy Policy is designed to assist you in understanding how we collect and use the personal information you provide to us and to assist you in making informed decisions when using our website (www.baynote.com).

Collection of Personal Information

When you register for certain customer services, register for certain webinars, request product or service information, download resource materials from our website, request customer service or other similar requests, we may collect the following types of information from you:

The registration information you provide on our website may be retained as part of our prospect and customer marketing database for an indefinite length of time.

You may; however, visit our site anonymously.

Children’s Online Privacy Protection Act Compliance

We are in compliance with the requirements of COPPA (“Children’s Online Privacy Protection Act”), we do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are at least 13 years old or older.

Collection of Web Site Use Information (Non-personal)

Similar to other commercial Web sites, our Web site utilizes a standard technology called “cookies” (see explanation below, “What Are Cookies?”) and Web server logs to collect information about how our Web site is used. Information gathered through cookies and Web server logs may include the date and time of visits, the pages viewed, time spent at our Web site, and the Web sites visited just before and just after our Web site. We, our advertisers and ad serving companies may also use small pieces of code including, but not limited to, “web beacons” or “clear gifs” to determine which advertisements and promotions users have seen and how users responded to them.

What Are Cookies?

A cookie is a very small text document, which often includes an anonymous unique identifier. When you visit a Web site, that site’s computer asks your computer for permission to store this file in a part of your hard drive specifically designated for cookies. Each Web site can send its own cookie to your browser if your browser’s preferences allow it, but (to protect your privacy) your browser only permits a Web site to access the cookies it has already sent to you, not the cookies sent to you by other sites.

How Do We Use the Personal Information That You Provide to Us?

Broadly speaking, we use personal information for purposes of administering and expanding our business activities, providing customer service and making available other information regarding products and services to our customers and prospective customers. Occasionally, we may also use the information we collect to notify you about important changes to our Web site, new services and special offers we think you will find valuable.

How Can You Access and Correct Your Personal Information?

You may request access, review, and request changes, to all your personally identifiable information that we collect online and maintain in our database by emailing info@baynote.com.

You may notify us at any time if you do not wish to receive these offers by emailing us at info@baynote.com.

How Do We Use Information We Collect from Cookies?

As you interact with our Web site, the site uses its cookies to differentiate you from other users so your account is only available to you. In some cases, we also use cookies to prevent you from seeing unnecessary advertisements or requiring you to log in more than is necessary for security. Cookies, in conjunction with our Web server’s log files, allow us to calculate the aggregate number of people visiting our Web site and which parts of the site are most popular. This helps us gather feedback in order to constantly improve our Web site and better serve our customers. Cookies do not allow us to gather any personal information about you and we do not generally store any information that you provided to us in your cookies.

Choosing to enable or disable your cookies?

We encourage you to allow cookies from our website because it helps us improve the user experience. If you do not want to save cookies from our website, you can choose to disable them in your internet browser. However, by disabling necessary First-Party Cookies that Baynote uses (outlined above), certain services users have asked for cannot be provided. Depending on your web browser type, you can access these controls through your web browser’s Help section.

Do we disclose any information to outside parties?

Because we value your privacy we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We do not sell, trade, or otherwise transfer to outside parties your personal information. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, or other uses.

Certain Disclosures

We release account and other personal information when we believe release is appropriate to comply with the law; enforce or apply our Terms of Service and other agreements; or protect the rights, property, or safety of Baynote, our users, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.

Security

The security of your personal information is important to us. We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our website, you can contact us using the contact information below.

Compromise of Personal Information

In the event that personal information is compromised as a result of a breach of security, Baynote will promptly notify those persons whose personal information has been compromised, in accordance with the notification procedures set forth in this Website Privacy Policy, or as otherwise required by applicable law.

Third party links

Occasionally, at our discretion, we may include or offer third party products or services on our website. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

Conditions of Use, Notices, and Revisions

If you choose to visit www.baynote.com, your visit and any dispute over privacy is subject to this Website Privacy Policy and our Terms of Service, including limitations on damages, arbitration of disputes, and application of the law of the state of California. If you have any concern about privacy at www.baynote.com please contact us with a thorough description, and we will try to resolve it.

Our business changes constantly, and our Website Privacy Policy and the Terms of Service will change also. We may e-mail periodic reminders of our notices and conditions, unless you have instructed us not to, but you should check our website frequently to see recent changes. Unless stated otherwise, our current Website Privacy Policy applies to all information that we have about you and your account.

Notification Procedures

It is the policy of Baynote to provide notifications, whether such notifications are required by law or are for marketing or other business related purposes, to our customers or website users, via E-mail notice, written or hard copy notice, or through conspicuous posting of such notice on our Web site page, www.baynote.com, as determined by Baynote in its sole discretion. Notwithstanding the foregoing, Baynote reserves the right to determine the form and means of providing notifications to our customers or website users.

Your Consent

By using our website you consent to our collection and use of your personal information as described in this Website Privacy Policy. If we change our privacy policies and procedures, we will post those changes on our website to keep you aware of what information we collect, how we use it and under what circumstances we may disclose it.

Contacting Us

If there are any questions regarding this privacy policy you may contact us using the information below.

www.baynote.com

Baynote, Inc.

Attn: CFO

333 W. San Carlos St., Suite 700

San Jose, CA 95110