PRIVACY POLICY

This privacy policy (the “Privacy Policy”) explains how we process your personal data (i.e. data by which you may be directly or indirectly identified, hereafter the Personal Data) in accordance with the Data Protection Legislation when you access and browse the website [sanisure.com] (the Website). Data Protection Legislation means the General Data Protection Regulation (EU) 2017/69 of the European Parliament and of the Council of 27 April 2016 (the GDPR), as well as national laws that implement and complement the GDPR.

1. WHO IS THE DATA CONTROLLER AND WHO TO CONTACT?

Any Personal Data provided to or collected by us will be processed (i.e. used, stored, transmitted, etc.) in accordance with this Privacy Policy by us, [Q-Biopharma LLC] (hereafter “SaniSure” “we” or “us”), in our capacity as controller or by our subcontractors and service providers as further described in this Privacy Policy in their capacity as processors. If you have any questions or comments or want to exercise your rights, you may contact [sschlack@sanisure.com].

2. WHAT PERSONAL DATA IS PROCESSED?

Sanisure receives and collects the Personal Data directly from you or through the use of automated technology when you use and interact with the Website. In particular, the Personal Data SaniSure processes about you may include: [IP address, location data, engagement on website, and cookie ID]

3. FOR WHICH PURPOSES DOES SANISURE PROCESS PERSONAL DATA AND ON WHICH LEGAL BASIS?

3.1 For the purposes of entering or performing a contract with you We process your Personal Data for the purpose of concluding and fulfilling our contractual obligations under the contract concluded with you when you purchase SaniSure products or services via the Website. 3.2 Based on SaniSure’s or a third party’s legitimate interest We process your Personal Data in our interests or to pursue third party’s legitimate interests. These interests cover processing to: • identify you and to enable us to properly answer your query; • keep a record of your relationship with us; • improve the performance and usability of the Website; • send updates and announcements about SaniSure products and services; • establish statistics and the conduct of Website trends, performance and commercial analysis; • assure the safety and continuity of SaniSure’s IT services and systems; • prevent and detect fraud; • establish, exercise and defend legal claims; and • in connection with any business reorganisation, transfer, disposal, merger or acquisition on the level of Sanisure. 3.3 For compliance with our legal or regulatory obligations We can process your Personal Data where it is necessary for compliance with legal or regulatory obligations that we are subject to, notably data retention obligations or when responding to requests from competent authorities. 3.4 With your consent Insofar as you have given SaniSure your consent to the processing of your Personal Data, such consent will serve as a legal basis for the referred processing. This includes the consent you may have given in relation to the use of cookies or the possibility to be contacted in relation of commercial communication on our events and information about our activities, products and services, as well as to receive Sanisure’s newsletter.

4. COOKIES

A “cookie” is a small piece of code that a website places in the cookie file of your browser and that allows the website to remember who you are. Like many other website, SaniSure uses cookies or similar technologies (like page tags) to provide you with a safe, effective and user-friendly Website. SaniSure also uses cookies to compile certain information to determine visitor’s preferences and trends in relation to the web browsing activity. You have the choice of deciding whether to accept cookies or not by exercising such choice in the cookie banner available on the Website or by setting your browser to block some or all cookies. However, please be aware that if you do not accept cookies, you may not be able to enjoy a comprehensive experience of the Website features. Cookies that are necessary for the functioning of the Website cannot be refused. For more information on the use of cookies, please refer to SaniSure’s Cookie Policy [https://sanisure.com/wp-content/uploads/2023/11/SaniSure-Cookie-Policy.pdf].

5. WHO RECEIVES YOUR PERSONAL DATA?

The following recipients may receive your Personal Data: • service providers, including but not limited to IT or website services suppliers and archiving storage providers, that process your Personal Data on SaniSure’s instructions; • government, courts, law enforcement authorities, regulators or attorneys and supervisory authorities; • parties involved in the context of a company restructuring, transfer, divestiture, merger or acquisition impacting SaniSure; • shareholders, agents, employees, consultants, representatives, auditors and business partners; and • other companies belonging to the same group as SaniSure (and if necessary, their respective shareholders, agents, employees, consultants, representatives, auditors, service providers and business providers).

6. WHERE IS YOUR PERSONAL DATA TRANSFERRED TO?

[For the purposes listed above, your Personal Data will be transferred to any of the aforementioned recipients and service providers in countries located in or outside of the European Economic Area (the EEA). Personal data may be transferred to the following countries located outside of the EEA: [USA]. Certain countries in which recipients and data processors may be located and to which Personal Data may be transferred may not have the same level of protection of Personal Data as the one afforded in the EEA. Personal data transferred to countries outside of the EEA will be protected by appropriate safeguards such as standard contractual clauses approved by the European Commission and you may obtain a copy of such safeguards by contacting us at the email address provided in clause 1.

7. HOW LONG DOES SANISURE RETAIN YOUR PERSONAL DATA?

The retention periods for your Personal Data are based on SaniSure’s business needs and legal requirements. Sanisure may notably retain: • Personal Data you have submitted to SaniSure through a specific request until we have responded to your request or until the end of the exchange relating thereto, plus ten (10) years as of the end of such communication; and • cookies for a maximum of twelve (12) months after your last use of the Website. SaniSure may also retain your Personal Data other than related to cookies for up to two (2) years for statistics, business analysis and marketing purposes.

8. DO YOU HAVE THE OBLIGATION TO PROVIDE PERSONAL DATA?

In the context of SaniSure’s business and the functioning of the Website, you only have to provide the Personal Data that is necessary for SaniSure to reply to your requests, or for the Website to run properly. However, please be aware that without certain types of Personal Data (notably Personal Data relating to cookies that are necessary to be able to browse the Website), SaniSure will not be able to duly reply to your requests or some parts of the Website may become inaccessible.

9. TO WHAT EXTENT DOES SANISURE USE AUTOMATED DECISIONS MAKING OR PROFILING?

In general, SaniSure does not use automated individual decision-making or profiling in the course of the relationship with you. Should SaniSure rely on such processing, SaniSure would inform you separately.

10. WHAT ARE THE RIGHTS OF THE USERS?

The exercise of the below rights is free of charge and not bound to any formalities. You may exercise these rights by contacting us through the contact information included in clause 1 above. To protect your privacy and security, SaniSure may takes steps to verify your identify before complying with any of your requests. 10.1 Right to information, rectification, erasure and restriction of processing You may request to obtain, within reasonable intervals, and in a timely manner, the communication of your Personal Data that is being processed by SaniSure, as well as all information on the origin of those Personal Data. You also have the right to rectify Personal Data that is inaccurate. In cases where the accuracy of the Personal Data is contested, the processing is unlawful, or where you have objected to the processing of your Personal Data, you may ask for the restriction of the processing of such Personal Data. This means that Personal Data will, with the exception of storage, only be processed for the establishment, exercise or defence of legal claims, for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of an EU Member State. In case a processing is restricted, you will be informed before the restriction of processing is lifted. You may request the deletion of Personal Data, without undue delay when the use or other processing of such Personal Data is no longer necessary for the purposes described in clause 3 above, and notably when consent relating to a specific processing has been withdrawn or where the processing is not or no longer lawful for other reasons. 10.2 Right to object You may object to the processing of your Personal Data which is based on the legitimate interests pursued by SaniSure or by a third party. In such a case SaniSure will no longer process your Personal Data unless SaniSure or the third party has compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. 10.3 Right to withdraw consent You have the right to withdraw your consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal. The withdrawal only affects future processing. A possibility to unsubscribe from the electronic SaniSure newsletter is provided by default in form of an “Unsubscribe” link at the end of each newsletter. 10.4 Right to data portability Where the processing of your Personal Data is based on consent or the execution of a contract with you, you also have the right to data portability for information you provided to SaniSure– this means that you can obtain a copy of your Personal Data in a commonly used electronic format so that you can manage and potentially transmit it to another controller. 10.5 Right to lodge a complaint In the event that you wish to complain about how SaniSure processes your Personal Data, and/or if you want more details on the processing of your Personal Data and/or if you have any specific queries or concerns regarding the processing of your Personal Data, please contact SaniSure in the first instance using the contact details provided in clause 1 and SaniSure will endeavour to deal with your request as soon as possible. This is without prejudice to your right to file a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or of an alleged infringement of the GDPR.

11. LINKS TO THIRD PARTY WEBSITES

The Website might contain link to third party websites (e.g. Linkedin, Twitter, etc.). This Privacy Policy solely concerns the Website, and SaniSure’s processing of personal data. Please check the privacy policy or these third parties’ websites to learn more about how they process your Personal Data under their own responsibility.

12. AMENDMENTS OF THIS PRIVACY POLICY

SaniSure may amend this Privacy Policy from time to time to ensure that you are fully informed about all processing activities and SaniSure’s compliance with applicable Data Protection Legislation.

13. USE OF SALESVIEWER® TECHNOLOGY

This website uses SalesViewer® technology from SalesViewer® GmbH on the basis of the website operator’s legitimate interests (Section 6 paragraph 1 lit.f GDPR) in order to collect and save data on marketing, market research and optimisation purposes.

In order to do this, a javascript based code, which serves to capture company-related data and according website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally.

The data stored by Salesviewer® will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them.

The data recording and storage can be repealed at any time with immediate effect for the future, by clicking on https://www.salesviewer.com/opt-out in order to prevent SalesViewer® from recording your data. In this case, an opt-out cookie for this website is saved on your device. If you delete the cookies in the browser, you will need to click on this link again.

Last Updated: This Privacy Policy was last updated on May 15, 2022.