Cambly Inc. Data Privacy Framework Statement

Effective date: January 22, 2024

Cambly Inc. (“Cambly”, “we”, “our” or “us”) complies with the U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce (collectively, the “DPF”).

This Cambly Data Privacy Framework Statement (“DPF Policy”) and the Cambly Privacy Policy (“Privacy Policy”) describes the privacy practices that we implement for Personal Data received from the EEA, UK and Switzerland. Cambly has certified to the Department of Commerce that it adheres to the DPF Principles. This DPF Policy uses terms that are defined in the Privacy Policy. If there is any conflict between the terms in this DPF Policy and the DPF Principles as concerns the Personal Data received under the DPF, the DPF Principles will prevail.

To learn more about the DPF program, please visit https://www.dataprivacyframework.gov/, and to view our certification, please see here.

What this statement covers.

Please see the relevant parts of the Privacy Policy for information about:

• The types of Personal Information processed;
• The purposes of data processing;
• Third parties who may receive Personal Information;
• A data subject’s right to access Personal Information; and
• A data subject’s choices to limit the use and disclosure of Personal Information

To the extent provided by the DPF program, Cambly is responsible for the processing of Personal Information it receives or subsequently transfers to a third party acting as an agent on its behalf. Cambly may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Enforcement

Cambly’s compliance with the DPF is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. In accordance with the DPF, Cambly is also liable for onward transfers to third parties that process personal information in a way that does not follow the DPF unless Cambly was not responsible for the event giving rise to any alleged damage.

Contact Information

For further information or to file a complaint, please contact us:

Cambly Inc.

440 N. Barranca Ave.#4343

Covina, CA 91723

In the event we are unable to resolve your concerns, you can contact our third party dispute resolution provider JAMS (free of charge).

In some cases, the DPF gives you the right to pursue binding arbitration. You can do this to resolve complaints not resolved by Cambly or our third party dispute resolution provider, as described in Annex I to the DPF Framework.

Changes to this policy

This DPF Policy may be changed from time to time, consistent with the requirements of the DPF and in accordance with the process described in the Cambly Privacy Policy.