Privacy Policy

Personal Information: We collect information you provide directly to us when you: • Create an account or register for our services • Make a purchase or transaction • Contact us for customer support • Subscribe to our newsletter or marketing communications • Participate in surveys, contests, or promotional activities • Apply for employment or submit business inquiries The personal information we collect includes: • Name, email address, phone number, and mailing address • Billing and payment information (processed by secure third-party providers) • Account credentials and security information • Communication preferences and marketing consents • Support tickets and correspondence • Professional information for business accounts Automatically Collected Information: When you visit our website, we automatically collect: • IP address and geographic location data • Browser type, version, and language settings • Device information (operating system, screen resolution, device type) • Referral URLs and website navigation patterns • Time stamps and session duration • Cookies and similar tracking technologies data Purchase and Transaction Data: For all software purchases, we collect: • Product selection and purchase history • License usage and activation data • Download and installation records • Payment transaction details (through secure processors) • Refund and support request information

Service Provision: We use your information to: • Process and fulfill software purchases and license deliveries • Create and manage your user account • Provide customer support and technical assistance • Send order confirmations, license keys, and product updates • Process refunds and handle billing inquiries • Maintain and improve our website and services Legal and Compliance Purposes: • Comply with applicable laws and regulations • Respond to legal requests and court orders • Prevent fraud and ensure transaction security • Enforce our Terms of Service and other policies • Maintain records for tax and accounting purposes • Conduct internal audits and security assessments Marketing and Communications (with your consent): • Send promotional emails about new products and special offers • Provide product recommendations based on purchase history • Deliver newsletter content and industry updates • Conduct customer satisfaction surveys • Announce platform updates and new features We N­E­V­E­R: • Sell your personal information to third parties • Use your information for unauthorized marketing • Share payment details with unauthorized parties • Access your purchased software or monitor usage beyond activation • Combine your data with other companies' databases for marketing

Technical Safeguards: We implement comprehensive security measures including: • SSL/TLS encryption for all data transmission • Advanced firewall protection and intrusion detection • Regular security audits and penetration testing • Secure cloud hosting with enterprise-grade protection • Multi-factor authentication for administrative access • Encrypted data storage with access controls Payment Security: • PCI DSS Level 1 compliance through certified processors • Card numbers are handled by PayPal under PCI-DSS compliance and are not stored on our servers • Tokenized payment processing for enhanced security • Fraud detection and prevention systems • Secure payment gateways (PayPal) Organizational Safeguards: • Employee background checks and security training • Confidentiality agreements for all staff and contractors • Role-based access controls and principle of least privilege • Regular security awareness training and updates • Incident response procedures and breach notification protocols • Data retention and secure disposal policies Third-Party Security: Our service providers must: • Maintain equivalent security standards • Sign data processing agreements with security requirements • Undergo regular security assessments • Report any security incidents immediately • Comply with applicable privacy and security regulations

Types of Cookies We Use: Essential Cookies (Required): • Authentication and session management • Shopping cart functionality and checkout process • Security and fraud prevention • Basic website functionality and navigation • Load balancing and performance optimization Functional Cookies (Optional): • Language and region preferences • User interface customization • Remember me functionality • Accessibility settings Analytics Cookies (Optional): • Website usage statistics and traffic analysis • Performance monitoring and optimization • User behavior patterns for service improvement • A/B testing for feature development Cookie Management: You can control cookies through: • Your browser settings (accept, reject, or delete cookies) • Our cookie preference center • Opt-out tools for analytics services • Browser extensions for enhanced privacy Do Not Track: We respect browser Do Not Track signals and will: • Disable non-essential tracking when DNT is enabled • Limit data collection to essential functions only • Provide alternative functionality where possible • Honor user privacy preferences consistently Third-Party Cookies: Some cookies are set by third-party services: • Google Analytics for website performance (anonymized) • Payment processors for secure transaction processing • Customer support chat systems • Social media integration (if applicable) We do NOT use cookies for: • Cross-site tracking or advertising • Selling data to advertising networks • Creating detailed behavioral profiles • Sharing personal information with unauthorized parties

Authorized Service Providers: We share limited data with trusted partners who help us operate our business: Payment Processors: • PayPal: Payment processing and fraud prevention • PayPal also processes major credit and debit cards (Visa, Mastercard, Amex, Discover) on our behalf via PayPal guest checkout • Data shared: Transaction amounts, payment method types, billing addresses • Purpose: Secure payment processing and compliance • Retention: Per processor policies and legal requirements Email Services: • SendGrid: Transactional and marketing email delivery • Data shared: Email addresses, names, communication preferences • Purpose: Order confirmations, license delivery, customer communications • Safeguards: Encryption in transit and at rest, G­D­P­R compliance Cloud Infrastructure: • Reputable enterprise-grade cloud hosting providers (US data centers) • Data shared: All website and user data (encrypted at rest and in transit) • Purpose: Reliable service delivery and data backup • Safeguards: Enterprise security, encryption, access controls, regular backups Analytics & Advertising Measurement: • Google Analytics: Website usage analytics (IP-anonymized) • Microsoft Clarity / Microsoft Advertising UET: Session analytics and ad-conversion measurement for campaigns run on Microsoft Advertising (Bing). The UET tag records page views, conversions, and a hashed identifier; it does NOT capture names, emails, or payment data. • Data shared: Anonymized usage patterns, page views, traffic sources, ad-conversion events • Purpose: Service improvement, performance optimization, and ad-effectiveness measurement • Controls: IP anonymization, data retention limits, opt-out via browser cookie controls or the Network Advertising Initiative (optout.networkadvertising.org) Legal Disclosures: We may disclose information when required by law: • Compliance with subpoenas, court orders, or legal process • Protection of our rights and property • Prevention of fraud or illegal activities • Emergency situations involving personal safety • Business transfers or mergers (with equivalent privacy protections) Data Processing Agreements: All third-party processors must: • Sign comprehensive data processing agreements • Implement equivalent privacy and security measures • Limit data use to specified purposes only • Allow for audits and compliance verification • Provide data breach notifications within 24 hours

Under applicable privacy laws (C­C­P­A, C­O­P­P­A, etc.), you have the following rights: Access Rights: • Request a copy of all personal information we hold about you • Receive information about how your data is collected and used • Obtain details about third parties with whom we share your data • Review your account settings and communication preferences Correction and Update Rights: • Correct inaccurate or incomplete personal information • Update your contact information and billing details • Modify your communication preferences • Change your account security settings Deletion Rights (Right to be Forgotten): • Request deletion of your personal information • Exceptions: Legal obligations, fraud prevention, contract completion • Process: Verification required, 30-day processing period • Scope: All systems and backups (subject to technical limitations) Data Portability: • Receive your data in a structured, machine-readable format • Transfer your information to another service provider • Export your purchase history and license information • Download your account data and communications Opt-Out Rights: • Unsubscribe from marketing communications • Opt out of non-essential cookies and tracking • Refuse promotional phone calls or text messages • Limit data sharing with third parties (where legally permitted) How to Exercise Your Rights: 1. Email us at contact at usdigicart dot com with your request 2. Include your full name and account email address 3. Specify which rights you wish to exercise 4. Provide verification information if requested 5. Allow up to 30 days for request processing Special Rights for California Residents (C­C­P­A): • Right to know what personal information is collected • Right to delete personal information • Right to opt-out of the sale of personal information (we don't sell data) • Right to non-discrimination for exercising privacy rights Special Rights for Minors: • Users under 16: Opt-in consent required for data processing • Users under 13: Parental consent required (C­O­P­P­A compliance) • Additional protections for educational accounts

USDigiCart is operated from the United States. If you access our Services from the European Economic Area (EEA), United Kingdom, or other regions with data-protection laws, please be aware that your information will be transferred to, stored, and processed in the United States. Lawful Transfer Mechanisms: For transfers of personal data from the EEA / UK to the United States, we rely on: • Standard Contractual Clauses (SCCs) approved by the European Commission and the UK ICO • Your explicit consent where required • Necessity for performance of our contract with you (order fulfillment) Your G­D­P­R / UK G­D­P­R Rights: In addition to the rights listed in Section 6, EEA / UK residents have the right to: • Lodge a complaint with their local supervisory authority (e.g., ICO in the UK, C­N­I­L in France) • Withdraw consent at any time (without affecting prior lawful processing) • Object to processing based on legitimate interests • Request human review of any solely automated decisions (we do not currently use such decisions) Lawful Basis for Processing (G­D­P­R Art. 6): • Performance of a contract — to fulfill orders and deliver license keys • Legal obligation — tax, accounting, anti-fraud • Legitimate interest — site security, fraud prevention, service improvement • Consent — marketing emails, optional analytics cookies

Our Services are not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us at contact at usdigicart dot com and we will promptly delete the information from our systems. Account Eligibility: Users between 13 and 18 must have the involvement and consent of a parent or legal guardian to use our Services and to make purchases. Adult account holders are responsible for transactions initiated from their accounts.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other reasons. When we make material changes, we will: • Update the "Last Updated" date at the top of this page • Post the revised policy on this page • For significant changes, send a notice to your registered email address or display a prominent notice on our Services prior to the change taking effect Your continued use of our Services after the effective date of any updated Privacy Policy constitutes your acceptance of the updated terms. We encourage you to review this page periodically.

For privacy-related questions, requests, or to exercise any of your rights under this Policy, please contact us: Data Controller: USDigiCart Email: contact at usdigicart dot com Phone: +1 (302) 330-8841 Mailing Address: USDigiCart, 1207 Delaware Ave #2301, Wilmington, DE 19806, United States We aim to respond to all legitimate requests within 30 days. We may need to verify your identity before processing certain requests to protect your data from unauthorized access.