Privacy Notice

AvePoint, Inc., including its wholly owned (directly and indirectly) subsidiaries (hereinafter “AvePoint”) is committed to protecting the privacy and security of the personal information of our customers, employees and third parties.

This Privacy Notice highlights how AvePoint uses the information collected through its websites, apps, services, and technology solutions.

1. Information We Collect

1.1 Summary

AvePoint collects many kinds of information in order to operate effectively and provide you the best products, services, and experiences we can. We collect information when you register, sign in and use our sites and services. We also may get information from other companies. We collect this information in a variety of ways, including from web forms, technologies like cookies, web logging and software on your computer or other device.

AvePoint products use and transfer data only using recommended methodologies and APIs approved by Microsoft, Google, Salesforce, or other platform technology providers. Our applications' use of APIs adheres to the respective user data policies of such platform technology providers, as applicable. For example, our use of Google APIs adheres to the Google API Services User Data Policy (including Google’s “Limited Use” requirements thereunder).

We use information submitted through our websites or collected through e-mail or hard copy surveys to analyze the characteristics of our customers and improve our services. Occasionally, we will provide anonymized aggregated statistics about our customers in reports made available to our customers, to third parties, or to the public. These reports will not identify individual AvePoint customers.

If you request information about AvePoint products and services, we will collect your name, e- mail address, phone number, and additional company information. We use this information to contact you about your request, and to follow up with you about the products and services in which you have expressed an interest. We will also send information to you regarding upcoming AvePoint events, webinars, and relevant privacy related news and alerts. You may unsubscribe from these communications at any time by clicking on the unsubscribe link provided in the e- mail. AvePoint receives and processes information (in paper and electronic form) in accordance with its clients’ instructions for the purpose of providing services to its customers. At AvePoint, we recognize the importance of privacy to our customers, and we strive to safeguard any personal information we receive and may need to use in support of our customers.

We respect each individual's right to personal privacy. We will collect and use information we receive directly from you only in the ways disclosed in this Privacy Notice. This Privacy Notice does not apply to practices that AvePoint does not own or control, or to individuals that AvePoint does not employ or manage. For transfers of personal data between our entities in the European Union and other AvePoint entities, AvePoint has entered into Standard Contractual Clauses (“SCCs”) with all of its affiliated companies in order to ensure an adequate level of protection of such personal data.

In addition to the protection under the SCCs, AvePoint (including its controlled U.S. subsidiaries) complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. AvePoint (including its controlled U.S. subsidiaries) has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. AvePoint (including its controlled U.S. subsidiaries) has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.

The privacy principles in this Privacy Notice are based on the SCCs and these Data Privacy Framework Principles (“Data Privacy Framework Principles”) and are further articulated in the AvePoint Data Privacy Framework Notice (“Data Privacy Framework Notice”) available at https://www.avepoint.com/company/data-privacy-framework-notice that sets out the privacy principles to which AvePoint adheres. If there is any conflict between the terms in this Privacy Notice (including AvePoint’s obligations stemming from its compliance with the SCCs) and the Data Privacy Framework Principles, the Data Privacy Framework Principles shall govern. To learn more about the Data Privacy Framework program, and to view our certification, please visit https://www.dataprivacyframework.gov.

This published Privacy Notice and the Data Privacy Framework Notice are accurate, comprehensive, prominently displayed, completely implemented, accessible and conform to the SCCs and the Data Privacy Framework Principles. In addition, we provide appropriate employee training (and discipline) and have internal procedures for periodically conducting objective reviews of our compliance with the SCCs and the Data Privacy Framework Principles.

1.2 Full text

AvePoint collects many kinds of information in order to operate effectively and provide you the best products, services, and experiences we can. Some of this information you provide directly to us. Some of it we get by observing how you interact with our products and services. Some of it is available from other sources that we may combine with the data we collect directly.

Regardless of the source, we believe it's important to treat that information with care and to help you maintain your privacy.

What We Collect:

Registration

When you sign up to use our sites or services you may be required to provide information about yourself, such as your name, birthdate, organization name, e-mail and postal address and postal code.

Signing In

To access some AvePoint services, you will need to sign in with a username and password, which we refer to as your user account.

Using Our Sites And Services

We collect information that tells us how you interact with our services, including the browser you're using, your IP address, location, cookies or other unique IDs, the pages you visit and features you use.

Data From Other Sources

We may get additional information about you, such as demographic data we purchase from other companies.

How We Collect Information:

We use a number of methods and technologies to gather information about how you use our sites and services, such as:

• Web forms, such as when you type information into a registration form or type a search query into a search box.
• Technologies like cookies and web beacons (Please visit Section 2 of this Privacy Notice page to learn more about these technologies).
• Web logging, which enables us to collect the standard information your browser sends to every website you visit - such as your IP address, browser type and language, and the site you came from - as well as the pages you visit and the links you click while using our sites and services.
• Software installed on your computer or other device, which may send back information needed to operate, update or improve that software.

Customer Data:

AvePoint receives and processes information (in paper and electronic form) in accordance with its clients’ instructions for the purpose of providing services to its customers. At AvePoint, we recognize the importance of privacy to our customers, and we strive to safeguard any personal information we receive and may need to use in support of our customers.

AvePoint Customer Information

Customer Information is information we collect from you when you purchase and contract with us to provide services or technology solutions. We will ask you to provide the following information:

• E-mail address;
• Phone number;
• Information regarding your role within your company;
• Company information, including company name, address, billing information (e.g., P.O. number, bank wire information, credit card number), and company size; and
• Contact information for other relevant points of contact within your company as needed for AvePoint to provide its services.

If you purchased one of AvePoint’s technical solutions, you may have the option to add additional users to your account. We will ask for the name and e-mail address of the additional users you want to add. This information is used by AvePoint to provide the requested service.

In the course of using AvePoint’s technical solutions or services, you may provide business information related to your company. Business information may include copies of your company’s policies and process documents, responses to assessment questionnaires and evidence to support those responses. This information is stored on AvePoint’s systems and is used to provide contracted services in accordance with the applicable terms and conditions of agreements between AvePoint and your company.

2. Cookies & Similar Technologies

2.1 Summary

Most AvePoint websites use "cookies," small pieces of data that can be read by a web server in the same domain that put the cookie on your hard drive. We may use cookies to help us retrieve your preferences and settings; help with sign-in; to combat fraud; and analyze site operations.

We also use web beacons to help deliver cookies and compile analytics. These may include third-party web beacons, which are prohibited from collecting your personal information.

You have a variety of tools to control cookies and similar technologies, including:

• Browser controls to block and delete cookies; and
• Controls from some analytics providers to opt out of data collection in web beacons.

2.2 Full text

2.2.1 Our Use of Cookies

Most AvePoint websites use “cookies,” which are small pieces of data sent to your browser by a web server. Upon subsequent requests, your browser will send the cookie data to the same web server, or other web servers in the same domain, when accessing the website. Cookies contain data that can be read by a web server in the domain that issued the cookie to you. That data often consists of a string of numbers and letters that uniquely identifies your computer but may contain other information as well. Here is an example of a unique ID number stored in a cookie that AvePoint might place on your device when you visit one of our websites: 0aj17be34l7srju0qcdnftigt0

We May Use Cookies For:

Sign-in and Authentication

When you sign into a site or service using your account on an AvePoint website, we store a unique ID number, and the time you signed in, in an encrypted cookie on your hard disk. This cookie allows you to move from page to page at the site without having to sign in again on each page. When you sign out, these cookies are deleted from your computer. This is commonly referred to as a “session cookie”. We also use cookies to improve the sign-in experience. For example, your username may be stored in a cookie that will remain on your computer after you sign out. This cookie allows your username to be pre-populated, so that you will only need to type your password the next time you sign in. If you are using a public computer or do not want this information to be stored, you can select the appropriate radio button on the sign-in page, and this cookie will not be used.

Site Analytics

We may use cookies to count the number of unique visitors to a web page or service or to develop other aggregate statistics about the operations of our sites and services. These analytics help us operate and improve the performance of these sites and services.In addition to the cookies AvePoint may set when you visit our websites, third parties may also set certain cookies on your device when you visit AvePoint sites. In some cases, that is because we have hired the third party to provide certain services on our behalf, such as site analytics. In other cases, it is because our web pages contain content or ads from third parties, such as videos, news content or ads delivered by other ad networks. Because your browser connects to those third parties’ web servers to retrieve that content, those third parties are able to set or read their own cookies on your device and may collect information about your online activities across websites or online services.

2.2.2 How to Control Cookies

Browser Controls to Block Cookies

Most web browsers automatically accept cookies, but you can usually modify your browser setting to block cookies. Instructions for blocking cookies in different browsers are usually available at each browser’s privacy statement or in their help files or settings pages.

Please be aware that if you choose to block cookies, you may not be able to sign in or use other interactive features of AvePoint sites and services that depend on cookies.

Browser Controls to Delete Cookies

If you accept cookies, you can delete them later. Instructions for deleting cookies in different browsers are usually available at each browser’s privacy statement or in their help files or settings pages.

Please be aware that if you choose to delete cookies, any settings and preferences controlled by those cookies will be deleted and may need to be recreated.

Browser Controls for “Do Not Track” and Tracking Protection

Some newer browsers have incorporated “Do Not Track” features. Most of these features, when turned on, send a signal or preference to the websites you visit indicating that you do not wish to be tracked. Those sites (or the third-party content on those sites) may continue to engage in activities you might view as tracking even though you have expressed this preference, depending on the sites’ privacy practices. Because there is not yet a common understanding of how to interpret the Do Not Track signal, AvePoint does not currently respond to the browser Do Not Track signals on its own websites or online services, or on third-party websites or online services where AvePoint provides content or is otherwise able to collect information.

2.2.3 Our Use of Web Beacons

AvePoint web pages may contain electronic images known as web beacons - sometimes called single pixel gifs - that may be used to help deliver cookies on our sites, let us count users who have visited those pages and deliver co-branded services. We may include web beacons in our promotional e-mail messages or newsletters to determine whether messages have been opened and acted upon.

Finally, AvePoint sites may contain web beacons from third parties to help us compile aggregated statistics regarding the effectiveness of our promotional campaigns or other website operations. These web beacons may allow the third parties to set or read a cookie on your computer. These companies may collect information about your online activities across websites or online servers, however, we prohibit third parties from using web beacons on our sites to collect or access your personal information. You may be able to opt out from data collection or use by these third-party analytics companies by opting out on their respective websites.

2.2.4 Other Similar Technologies

In addition to standard cookies and web beacons, websites can use other technologies to store and read data files on your computer. This may be done to maintain your preferences or to improve speed and performance by storing certain files locally. But, like standard cookies, it can also be used to store a unique identifier for your computer, which can then be used to track behavior.

3. How We Use Your Personal Information

3.1 Summary

AvePoint uses the information we collect to operate, improve and personalize the products and services we offer.

Customer Information will be used to provide the services and access to technology solutions you have purchased and the corresponding support.

We also may use the information to communicate with you, for example, informing you about your account and security updates.

And we may use the information to help make the ads you see on our ad-supported services more relevant.

3.2 Full text

AvePoint uses the information we collect to operate, improve, and personalize the products and services we offer. Information collected through one AvePoint service may be combined with information collected through other AvePoint services to give you a more consistent and personalized experience in your interactions with us. We may also supplement this with information from other companies. For example, we may use services from other companies to help us derive a general geographic area based on your IP address in order to customize certain services to your geographic area.

We also may use the information to communicate with you, for example, informing you when a subscription is ending, letting you know when updates are available or letting you know when you need to take action to keep your account active. We may also use the information, if the law allows it or if we have your express permission to do so, to contact you for sales or marketing purposes.

We will use your Customer Information to:

• Provide the services and access to the technology solutions you have purchased
• Renew subscription-based services
• Provide customer support. While providing you with customer support we may also gather additional information from you to investigate technical issues, and respond to your support questions; and
• Communicate regularly with you about your use of the software and service, AvePoint events and other industry or privacy-related news, and other AvePoint services we believe may be of interest to you. You may opt-out of receiving e-mails regarding AvePoint events and other AvePoint services by clicking the unsubscribe link provided in the e-mail. You will continue to receive notices regarding AvePoint software and technical services you purchased, and privacy-related updates such as notification of new or changes to existing privacy regulations.

4. Reasons We Share Your Personal Information

4.1 Summary

Except as described in this Privacy Notice, we won’t disclose your personal information to a third party without your consent.

Please see Other Important Privacy Information for details about when we may disclose information, including with AvePoint affiliates and vendors; when required by law or to respond to legal process; to combat fraud or protect our interest; or to protect lives.

4.2 Full text

Except as described in this Privacy Notice we won’t disclose your personal information to a third party without your consent. Contexts and situations where we may disclose your personal data without your consent are:

• Within AvePoint affiliates and subsidiaries
• As part of a merger or sale of a business
• With vendors and agents of AvePoint
• When required by law or to respond to legal process or lawful requests, including from law enforcement or other government agencies or other public authorities, including to meet national security or law enforcement requirements
• When required to combat fraud or protect our interests; and
• To protect life and safety

Please also refer to section 11.2.2 to learn more about why and with whom we share or disclose personal information.

5. Accessing Your Personal Information

5.1 Summary

Some AvePoint services may give you the ability to view or edit your personal information online. To help prevent others from viewing your personal information, you first might be required to sign in. How you can access your personal information will depend on which sites or services you have used.

5.2 Full text

Some AvePoint services may give you the ability to view or edit your personal information online. To help prevent your personal information from being viewed by others, you first might be required to sign in. The method(s) for accessing your personal information will depend on which sites or services you have used.

Each AvePoint website may provide you with links to access, correct or delete your personal data. You can also contact AvePoint by using a provided contact form on the website or by contacting the office of the General Counsel (see below for contact details). We will respond to requests to access or delete your personal information within 30 days.

Accessing and Updating your Personal Information

To review and update your personally identifying information to ensure it is accurate, contact us via e-mail: privacy@avepoint.com

AvePoint will make commercially reasonable efforts to provide you reasonable access to any of your personal information we maintain within 30 days of your access request. We provide this access so you can review, make corrections, or request deletion of your data. If we cannot honor your request within the 30-day period, we will tell you when we will be able to provide access. In the unlikely event that we cannot provide you access to this information; we will explain why we cannot do so.

6. Children

6.1 Summary

When an AvePoint site or service collects age information, it will block users under 16 or obtain consent from a parent or guardian before their child can use it.

When consent is granted, the child's account is treated much like any other account, including being able to communicate with other users.

Parents can change or revoke consent as described in this Privacy Notice.

6.2 Full text

When an AvePoint site or service collects age information, it will either block users under 16 or will ask them to provide consent from a parent or guardian before they can use it. We will not

knowingly ask children under 16 to provide more information than is necessary to provide the service.

When consent is granted, the child's account is treated much like any other account. The child may have access to communication services like e-mail, instant messaging and online message boards and may be able to communicate freely with other users of all ages.

6.3 Full Text

Parents can change or revoke the consent choices previously made, and review, edit or request the deletion of their children's personal information by using the contact form on the website.

7. Communication Preferences

7.1 Summary

You can stop the delivery of future promotional e-mail from AvePoint sites and services by following the specific instructions in the e-mail you receive. Depending on the respective service, you may also have the option of proactively making choices about the receipt of promotional e- mail, telephone calls, and postal mail for particular AvePoint sites or services.

7.2 Full text

If you receive promotional e-mails from us and would like to stop getting them in the future, you can do so by following the directions in that message.

Depending on the respective service, you may also have the option of proactively making choices about the receipt of promotional e-mail, telephone calls, and postal mail from particular AvePoint sites or services by visiting and signing into the corresponding services website.

These choices do not apply to the receipt of mandatory service communications that are considered part of certain AvePoint services, which you may receive periodically unless you cancel the service.

8. International Users - Applicable Law

8.1 Summary

Your personal information may be transferred to the United States or other countries. AvePoint transfers information to our corporate affiliates, service providers, and other partners who process it for us, based on our instructions, and in compliance with this Privacy Notice and any other appropriate confidentiality and security measures. These partners provide us with services globally, including for customer support, information technology, payments, sales, marketing, data analysis, research and surveys.

8.2 Full text

Please note that the personal information you submit to us may be transferred to the United States and other countries to be processed by us in order to provide this website, our technology solutions and services to you or for such other purposes as set forth in this Privacy Notice. AvePoint transfers information to our corporate affiliates, service providers, and other partners who process it for us, based on our instructions, and in compliance with this Privacy Notice and any other appropriate confidentiality and security measures. These partners provide us with services globally, including for customer support, information technology, payments, sales, marketing, data analysis, research and surveys.

The transfer of personal data to other countries (including the United States) is protected by SCCs into which AvePoint has entered with all of its affiliated companies in order to ensure an adequate level of protection of such personal data. In addition to that, AvePoint has certified that it adheres to the Data Privacy Framework Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Data Privacy Framework program, and to view AvePoint’s certification, please visit https://www.dataprivacyframework.gov.

9. Support Data

9.1 Summary

“Support Data” is the information we collect when you submit a support request or run an automated troubleshooter, including information about hardware, software, and other details related to the support incident, such as: contact or authentication information, chat session personalization, information about the condition of the machine and the application from when the fault occurred and during diagnostics, system and registry data about software installations and hardware configurations, and error-tracking files. We use Support Data as described in this Privacy Notice, and additionally use it to resolve your support incident and for training purposes.

9.2 Full text

Support Data is the information we collect when you submit a support request or run an automated troubleshooter, including information about hardware, software, and other details related to the support incident, such as: contact or authentication information, chat session personalization, information about the condition of the machine and the application from when the fault occurred and during diagnostics, system and registry data about software installations and hardware configurations, and error- tracking files. We use Support Data as described in this Privacy Notice, and additionally use it to resolve your support incident and for training purposes.

Support may be provided through phone, e-mail, or online chat. We may use remote access (“RA”), with your permission, to temporarily navigate your desktop. Phone conversations, online chat sessions, or RA sessions with support professionals may be recorded and/or monitored. For RA, you may also access the recording after your session For online chat or RA, you may end a session at any time of your choosing.

Following a support incident, we may send you a survey about your experience and offerings. You must opt-out of support surveys separately from other communications provided by AvePoint, by contacting support or through the e-mail footer.

To review and edit your personal information collected through our support services, please contact us by using our web form.

Some business customers may purchase enhanced support offerings. These offerings are covered by their own contract terms and notices.

10. Payment Data

10.1 Summary

“Payment Data” is the information that you provide when you make purchases. This may include your payment instrument number (e.g., credit card, PayPal), your name and billing address, and the security code associated with your payment instrument (e.g., the CSV or CVV). This section provides additional information regarding the collection and use of your payment information.

10.2 Full text

Payment Data is the information that you provide when you make purchases. This may include your payment instrument number (e.g., credit card, PayPal), your name and billing address, and the security code associated with your payment instrument (e.g., the CSV or CVV). This section provides additional information regarding the collection and use of your payment information.

Payment Data is used to complete your transaction, as well as for the detection and prevention of fraud. In support of these uses, AvePoint may share your Payment Data with banks and other entities that process payment transactions or other financial services, and for fraud prevention and credit risk reduction.

When you provide Payment Data to us, we may store that data to help you complete future transactions.

You may remove the payment instrument information associated with your organizational account by contacting us. After you close your account or remove a payment instrument, however, AvePoint may retain your payment instrument data for as long as reasonably necessary to complete your existing transaction, to comply with AvePoint’s legal and reporting requirements, and for the detection and prevention of fraud.

11. Other Important Privacy Information

11.1 Summary

Learn more about:

• Why and with whom we share or disclose personal information
• Protecting the security of personal information
• Where we store and process information
• Changes to our privacy statements
• How to Contact Us

11.2 Full text

Below you will find additional privacy information you may find important. Much of this describes practices that are common across the industry, but we want to make sure you are aware of them. Please keep in mind that this information is not a complete description of our practices - this is all in addition to the other, more specific information contained elsewhere in this Privacy Notice.

11.2.1 On this page:

• Sharing or Disclosing Personal Information
• Protecting the Security of Personal Information
• Where Information is Stored and Processed
• Changes to Our Privacy Statements
• How to Contact Us

11.2.2 Sharing or Disclosing Personal Information

AvePoint transfers information to our corporate affiliates, service providers, and other partners who process it for us, based on our instructions, and in compliance with this Privacy Notice and any other appropriate confidentiality and security measures. These partners provide us with services globally, including for customer support, information technology, payments, sales, marketing, data analysis, research and surveys. In addition to any sharing described above in this Privacy Notice, AvePoint may share or disclose personal information:

• With other AvePoint controlled subsidiaries and affiliates
• As part of a corporate transaction such as a merger or sale of assets
• With vendors or agents. Specifically, we may share it with companies we've hired to provide services on our behalf. Examples of these services include analyzing data, providing marketing assistance, and processing credit card payments. When we share information with these other companies to provide services for us, they are not allowed to use it for any other purpose and must keep it confidential

We also may share or disclose personal information, including the content of your communications:

• To comply with the law or respond to legal process or lawful requests, including from law enforcement and government agencies or other public authorities, including to meet national security or law enforcement requirements
• To protect the rights or property of AvePoint or our customers, including enforcing the terms governing your use of the services.
• To act on a good faith belief that access or disclosure is necessary to protect the personal safety of AvePoint employees, customers or the public.

Please note that our sites may include links to third-party sites whose privacy practices may differ from those of AvePoint. If you submit personal information to any of those sites, your information is governed by the privacy statements on those sites. We encourage you to review the privacy statement of any site you visit.

11.2.3 Protecting the Security of Personal Information

AvePoint is committed to protecting the security of your personal information. We use a variety of security technologies and procedures to help protect your personal information from unauthorized access, use or disclosure. For example, we store the personal information you provide on computer systems that have limited access and are in controlled facilities. When we transmit highly confidential information (such as a credit card number or password) over the

Internet, we protect it through the use of encryption, such as the Transport Layer Security or Secure Socket Layer protocols.

If a password is used to help protect your accounts and personal information, it is your responsibility to keep your password confidential. Do not share it. If you are sharing a computer, you should always log out before leaving a site or service to protect access to your information from subsequent users.

AvePoint has received ISO 27001:2015 certification with respect to secure software development and maintenance process including support business functions like Infosec, IT, HR, Sales and Marketing, Project Management, Operations and Call Center.

11.2.4 Where Information is Stored and Processed

Personal information collected on AvePoint sites and services may be stored and processed in the United States or any other country where AvePoint or its affiliates, subsidiaries or service providers maintain facilities. We take steps to ensure that the data we collect under this Privacy Notice is processed according to the provisions of this statement and the requirements of applicable law wherever the data is located.

AvePoint may retain your personal information for a variety of reasons, such as to comply with our legal obligations, resolve disputes, enforce our agreements, and as long as necessary to provide services. To learn how to access your personal information, visit section 11.2.8 (Accessing and Updating Your Personal Information).

11.2.5 Changes to Our Privacy Statements

We will occasionally update this Privacy Notice to reflect customer feedback and changes in our services. When we post changes to the Privacy Notice, we will revise the "Revision History” at the end of this Privacy Notice. If there are material changes to the Privacy Notice regarding how AvePoint will use your personal information, we will notify you either by prominently posting a notice of such changes before they take effect or by directly sending you a notification. We encourage you to periodically review the Privacy Notice to learn how AvePoint is protecting your information when using our products and services.

11.2.6 How Can I Exercise My Data Subject Rights?

If you would like to access, review, update, rectify, and delete any Personal Information we hold about you, or exercise any other data subject right available to you under the EU General Data Protection Regulation, please submit a written request by e-mail to: privacy@avepoint.com.

Our privacy team will examine your request and respond to you as quickly as possible.

Please note that we may still use any aggregated and de-identified Personal Information that does not identify any individual and may also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Under the California Consumer Privacy Act (CCPA), California residents are entitled to ask us for a notice identifying the categories of Personal Information which we share with our affiliates and/or third parties for marketing purposes, and for us to provide contact information for such affiliates and/or third parties.

by mail to: AvePoint, Inc., River Front Plaza, West Tower, 901 East Byrd Street, Suite 900, Richmond, VA, Attn: General Counsel.

If you are a resident of the European Economic Area (“EEA”), please see the section below for users in the European Economic Area for further information about your privacy rights.

11.2.7 How to Contact Us and Ways to Resolve Disputes

• If you have a technical or general support question, please visit https://www.avepoint.com/ to learn more about AvePoint support offerings.

• If you have a general privacy question, or a question with regard to this Privacy Notice, please contact AvePoint’s Office of the General Counsel by e-Mail to: privacy@avepoint.com; or

• By mail to: AvePoint, Inc., River Front Plaza, West Tower, 901 East Byrd Street, Suite 900, Richmond, VA, Attn: General Counsel.

If you are a resident of the EEA and have an unresolved privacy or personal information collection, use, or disclosure concern that we have not addressed satisfactorily, please contact the EU Data Protection Authorities. If you are a resident of Switzerland and have this concern, please contact the Swiss Federal Data Protection and Information Commissioner.

For more information on how to contact the EU Data Protection Authorities, click here (https://edpb.europa.eu/about-edpb/about-edpb/members_en).

For more information on how to contact the Swiss Federal Data Protection and Information Commissioner, click here (https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html).

11.2.8 Accessing and Updating your Personal Information

• To review and update your personally identifying information to ensure it is accurate, contact us via e-mail: privacy@avepoint.com
• AvePoint will make commercially reasonable efforts to provide you reasonable access to any of your personal information we maintain within 30 days of your access request. We provide this access so you can review, make corrections, or request deletion of your data. If we cannot honor your request within the 30-day period, we will tell you when we will be able to provide access. In the unlikely event that we cannot provide you access to this information; we will explain why we cannot do so.

To find the AvePoint subsidiary in your country or region, see https://www.avepoint.com/about/contact/.

For more information about Data Protection, Privacy and Security at AvePoint, please visit https://www.avepoint.com/company/trust-center.

Revision History

Visit Trust Center for more information