PRIVACY POLICY AND DATA PROCESSING ADDENDUM

Effective Date: May 17th, 2026
Last Updated: May 17th, 2026
Version: 1.1

This document consists of two parts:

– Part A: Estajo Privacy Policy — explains how Estajo collects and handles Personal Data relating to Users and visitors.
– Part B: Data Processing Addendum (DPA) — governs how Estajo processes Client Data on behalf of its clients.

Both parts form part of the Estajo Terms of Service and should be read together.


PART A: ESTAJO PRIVACY POLICY


INTRODUCTION

This Privacy Policy explains how Estajo (“Estajo,” “we,” “our,” “us”), a sole proprietorship operated by Ifiok Charles, collects, uses, stores, and discloses Personal Data when providing the Service described in the Estajo Terms of Service (“TOS”).

This Policy applies to:

– Employees and authorized representatives of our clients who use the Service (“Users”)
– Visitors to our website
– Individuals who communicate with us (e.g., via email, chat, or support channels)

By using the Service, you acknowledge that you have read and understood this Privacy Policy. It should be read together with the Estajo TOS and the Data Processing Addendum in Part B of this document.


1. SCOPE AND DISTINCTION

1.1 Policy Coverage

This Privacy Policy governs Estajo’s processing of Personal Data relating to:

– User accounts and login details
– Interactions with our Service and support team
– Billing and subscription administration

1.2 Client Data Distinction

“Client Data” is the data that you upload into or generate within the Service: customer, prospect, deal, and closed deal records, uploaded files, AI chatbox conversation history, AI analysis results, and related business data.

– You (the Client) own and control Client Data.
– Estajo processes Client Data only as a Processor/Service Provider on your behalf.
– The processing of Client Data is governed by the DPA (Part B), not by this Privacy Policy.

For Client Data, you act as Controller/Business, and Estajo acts as Processor/Service Provider.

1.3 Exclusion of Sensitive Data

The Service is not designed to process Sensitive Data (such as health data, racial or ethnic origin, religious beliefs, trade union membership, biometric identifiers, sexual orientation, government ID numbers, or children’s data).

It is prohibited under the TOS to upload Sensitive Data. Estajo is not liable for any unauthorized submission of Sensitive Data. Clients are solely responsible for ensuring such data is not introduced into the Service.


2. THE DATA WE COLLECT AND PURPOSE

We apply data minimization principles and collect only what is necessary to operate, secure, and improve the Service.

2.1 Account and Identity Data

Data collected:

– Full name
– Business email address
– Phone number
– Encrypted password
– Team assignment, roles, and permissions
– Account creation date and status

Purpose: To create and manage accounts, authenticate Users, allocate permissions, and provide the Service.

2.2 Billing and Payment Data

Data collected:

– Billing contact name and email
– Company name and business address
– Tax details (where required)
– Subscription plan, payment status, and invoice history

We do not store complete payment card or bank details. Payment processing is handled by Stripe, a PCI-DSS compliant third-party processor.

Purpose: For invoicing, subscription management, and compliance with Canadian and US tax and accounting obligations.

2.3 Usage Data (Non-Identifying)

We deliberately limit technical usage data collection. We may collect non-identifying or aggregated data such as:

– General feature usage statistics
– Performance and error metrics
– Aggregated service health indicators

We do not use this data to identify individuals.

Purpose: Troubleshooting, improving the Service, capacity planning, and security monitoring.

2.4 Communications Data

Data collected:

– Support tickets, emails, and in-app messages
– Feedback and feature requests

Purpose: To provide, document, and improve customer support and Service quality.

2.5 Cookies and Tracking

We use cookies and similar technologies only as necessary for the Service to function, including:

– Authentication and session management
– Security and fraud prevention

We do not use cookies for marketing, advertising, or non-essential third-party tracking.

You may manage cookies through your browser settings, but disabling essential cookies may affect Service functionality.


3. HOW WE USE AND SHARE PERSONAL DATA

3.1 Use of Data

We use Personal Data to:

Service Delivery:
– Provide and maintain the Service
– Authenticate Users and manage accounts
– Enable team collaboration and workflows
– Manage subscriptions and payments

Service Improvement:
– Improve features and usability
– Develop new functionality
– Monitor performance and reliability

Security and Compliance:
– Protect accounts and systems
– Detect and prevent fraud, abuse, and threats
– Enforce the TOS and legal obligations

Communication:
– Respond to support requests and inquiries
– Send service-related notices and updates

We do not sell or rent Personal Data, and we do not use it for unrelated marketing without consent.

3.2 Service Providers (Sub-processors)

We rely on trusted third-party providers for functions such as cloud hosting, payment processing, document processing, and AI feature delivery. These providers are contractually bound to process data only as instructed by Estajo, must implement appropriate data protection measures, and are prohibited from selling Personal Data.

A current list of Sub-processors is maintained in Appendix 1 of this document.

3.3 Legal Compliance and Enforcement

We may disclose Personal Data where necessary to:

– Comply with applicable Canadian or US laws or legal processes
– Respond to lawful requests (e.g., court orders or government demands)
– Protect the rights, property, or safety of Estajo, our Clients, Users, or the public
– Detect, prevent, or address fraud, security, or technical issues

Where permitted, we seek to provide advance notice and limit disclosures to what is legally required.

3.4 Business Transfers

In a business transfer, reorganization, or sale of assets, Personal Data may be transferred to a successor entity subject to this or a comparable privacy policy. We will provide notice and, where feasible, allow you to close your account before the transfer.

3.5 No Sale of Personal Data

Estajo does not sell or share Personal Data for monetary or other valuable consideration, nor provide it to data brokers or advertisers for targeted marketing. This applies to both Canadian and US-based Users.


4. DATA PROTECTION, RETENTION, AND RIGHTS

4.1 Security Measures

We maintain appropriate technical, organizational, and physical safeguards to protect Personal Data, including:

– Encryption in transit and at rest
– Role-based access controls and multi-factor authentication for sensitive access
– Regular security patching, monitoring, and backups
– Staff confidentiality obligations and security awareness

A summary of our technical and organizational measures is provided in Appendix 2.

4.2 Retention Policy

We retain Personal Data only as long as necessary for:

– Providing the Service
– Fulfilling legal obligations under Canadian and US law
– Resolving disputes and enforcing agreements

In general:

– For active accounts, we retain data for the duration of the relationship.
– After account closure or cancellation, data is kept for a limited period for recovery and legal purposes, then securely deleted or anonymized.
– Billing records are retained for up to 7 years to satisfy Canadian and US tax obligations.
– Backup copies persist for a limited rotation period before being overwritten.

4.3 Privacy Rights by Jurisdiction

Depending on your jurisdiction, you may have rights regarding your Personal Data. To exercise any of the rights below, contact us at legal@estajo.com. We will verify your identity and respond within the timeframe required by applicable law.

Canadian Users (PIPEDA and Provincial Privacy Laws):

– Access the Personal Data we hold about you
– Request correction of inaccurate or incomplete data
– Withdraw consent to certain processing where consent is the basis
– File a complaint with the Office of the Privacy Commissioner of Canada or your provincial privacy commissioner

California Users (CCPA/CPRA):

– Know what categories and specific pieces of Personal Information we collect and disclose
– Request deletion of your Personal Information, subject to legal exceptions
– Request correction of inaccurate Personal Information
– Opt out of any sale or sharing of Personal Information (Estajo does not sell or share Personal Information)
– Limit the use of Sensitive Personal Information (Estajo does not process Sensitive Personal Information as defined under CCPA/CPRA)
– Be free from discriminatory treatment for exercising your privacy rights
– Designate an authorized agent to submit requests on your behalf

Users in Other US States:

Where other US state privacy laws apply (e.g., Virginia, Colorado, Connecticut, Utah), we will honor applicable rights to access, correct, delete, and where relevant, opt out of certain processing. Contact us at legal@estajo.com to submit such requests.

4.4 Cross-Border Data Transfers

Client Data and Personal Data may be processed in both Canada and the United States. Data transfers between Canada and the US are governed by contractual safeguards with our Sub-processors, including data processing agreements with obligations consistent with PIPEDA and applicable US privacy laws. Estajo takes reasonable steps to ensure Personal Data receives an equivalent level of protection regardless of where it is processed.

4.5 Contact Information

For questions, concerns, or privacy rights requests:

Legal and Privacy: legal@estajo.com
Product Support: help@estajo.com

Estajo — Legal
Operated by: Ifiok Charles
Address: 105 Champagne Avenue, Ottawa, Ontario, K1S 5E5, Canada


5. CLIENT DATA EXPORT — WHAT IS AND IS NOT INCLUDED

5.1 Export Features

The Service provides two data export features:

Advanced Filter Export (available to all Users during active Subscription Term):
All Users may export subsets of lead data at any time during an active subscription by applying filters to define a subset of leads and downloading the lead profile data for those leads.

Bulk Download (Super Admin only — available during cancellation or suspension grace period):
Upon cancellation or suspension, the Super Admin may access a dedicated bulk download page to download all lead profile data — including closed deal records — in CSV or ZIP format with a single click. This feature is not available to Admins or Agents during the grace period.

Export formats:
– CSV — each row represents one lead, with columns corresponding to all system fields and custom fields configured by the Client;
– ZIP — containing all lead profile data in full across all fields.

5.2 Closed Deal Archive — What Is and Is Not Exported

When a deal is marked as closed (won or lost), it is automatically preserved in a secure, read-only Closed Deal Archive. The archive retains the complete intelligence history of the closed deal, including the lead profile, notes, AI chatbox conversation history, AI analysis results, and activity history. Closed deal records do not count toward the Client’s active project limit but do count toward the Client’s total storage limit.

What IS exported: Lead profile data (system fields and custom fields) for closed deals is included in the CSV and ZIP export formats.

What is NOT exported: The intelligence history of closed deals — including notes, AI chatbox conversation history, AI analysis results, and activity history — is viewable within the Service during the active Subscription Term but is not included in any export format. This intelligence history exists only within the Service and cannot be exported.

Upon cancellation, all closed deal records — including the complete intelligence history — will be permanently deleted after the 30-day grace period and cannot be recovered.

5.3 Data Not Included in Any Automated Export

The following data types are not included in either export format:

– Notes associated with leads (active or closed)
– Activity history
– Tasks associated with leads
– Files personally uploaded by Users to the Service
– AI chatbox conversation history (active and closed deals)
– AI analysis results (active and closed deals)

Estajo does not provide an automated export for these data types. Clients must retrieve them directly from the Service while the account is still active. Once the account is cancelled or permanently deleted, this data cannot be recovered under any circumstances.

Estajo intends to evaluate the feasibility of including additional data types in future export options.

5.4 Client Responsibility

The Client is solely responsible for manually saving any intelligence history, uploaded files, notes, activity history, tasks, AI chatbox history, and AI analysis results it wishes to retain before cancellation takes effect or before the permanent deletion deadline. Estajo is not liable for any data loss arising from the Client’s failure to retrieve data in time.


6. CHILDREN’S PRIVACY

The Service is not intended for individuals under 18 or the age of majority in their jurisdiction. We do not knowingly collect Personal Data from minors.

If you believe a minor has provided us Personal Data, contact us at legal@estajo.com. We will investigate and delete such data promptly where required.


7. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy to reflect changes in our practices, legal requirements, or the Service.

– The “Last Updated” date will be revised with each update.
– For material changes that significantly affect your rights, we will provide notice via email or in-app notification at least 30 days in advance.

Your continued use of the Service after changes take effect constitutes acceptance of the updated Policy. If you do not agree to a material change, your remedy is to cancel your account before the change takes effect.


PART B: DATA PROCESSING ADDENDUM (DPA)


INTRODUCTION

This DPA forms part of the Estajo TOS and governs Estajo’s processing of Client Data containing Personal Data on behalf of the Client. It applies from the date the Client accepts the TOS and covers all processing of Client Data through the Service.


1. DEFINITIONS

Key terms used in this DPA have the following meanings:

– Applicable Data Protection Law: PIPEDA, applicable Canadian provincial privacy laws, CCPA/CPRA, and other applicable Canadian and US federal and state privacy laws.
– Client: The organization or individual that has accepted the Estajo TOS and subscribes to the Service.
– Client Data: All data submitted to or stored in the Service by or on behalf of the Client or its Users, including uploaded files, active lead records, closed deal records, AI chatbox conversation history, AI analysis results, and related content.
– Closed Deal Archive: A secure, read-only section of the Service that automatically preserves the complete intelligence history of deals marked as closed (won or lost) — including lead profile, notes, AI chatbox conversation history, AI analysis results, and activity history — for the duration of the active Subscription Term. Closed deal records do not count toward the Client’s active project limit but do count toward the Client’s total storage limit.
– Controller / Business: The entity that determines the purposes and means of processing Personal Data — typically the Client.
– Processor / Service Provider: An entity that processes Personal Data on behalf of a Controller or Business — Estajo in this context.
– Personal Data / Personal Information: Information relating to an identified or identifiable natural person.
– Personal Data Breach: A breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data.
– Processing: Any operation performed on Personal Data, including collection, storage, use, disclosure, and deletion.
– Sensitive Data: As defined in the TOS — prohibited from being submitted to the Service.
– Sub-processor: A third party engaged by Estajo to process Client Data on Estajo’s behalf.
– Technical and Organizational Measures (TOMs): The security and operational safeguards Estajo maintains to protect Client Data.


2. ROLES, SCOPE, AND PURPOSE

2.1 Roles of the Parties

– The Client acts as Controller/Business and determines the purposes and means of processing Client Data.
– Estajo acts as Processor/Service Provider, processing Client Data solely on behalf of the Client and only in accordance with the Client’s documented instructions.
– For Personal Data relating to Users (as described in Part A), Estajo may act as an independent Controller.

2.2 Details of Processing

Subject matter: Client Data uploaded to or generated within the Service, including active lead records, closed deal records with complete intelligence history (not counting toward active project limits), uploaded files, and related content.

Duration: For the Subscription Term and any post-cancellation retention period defined in Section 9 and applicable law.

Nature and purpose: Providing and improving the Service, enabling Client workflows and collaboration, preserving closed deal intelligence history in the Closed Deal Archive, technical support, and legal compliance.

Types of Personal Data: Contact and professional information, communication history, deal records, closed deal intelligence history, uploaded files, AI-generated content, and other data the Client chooses to include, excluding Sensitive Data.

Data subjects: The Client’s customers, prospects, business contacts, employees or contractors (if included in Client Data), and other individuals associated with Client records.

Sensitive Data must not be uploaded or processed through the Service.

2.3 Client Instructions

Estajo processes Client Data only according to the Client’s documented instructions as set out in:

– This DPA and the TOS
– Configurations and actions taken within the Service
– Written instructions provided to Estajo support

If an instruction appears unlawful or conflicts with applicable law, Estajo will notify the Client and may suspend acting on that instruction until it is clarified.

2.4 Compliance with Laws

The Client is responsible for ensuring that its collection and use of Client Data, and its instructions to Estajo, comply with Applicable Data Protection Law, including any applicable notice and consent obligations. Estajo will comply with applicable law in its role as Processor/Service Provider.


3. PROCESSOR OBLIGATIONS AND SECURITY MEASURES

3.1 Lawful Instructions

Estajo will:

– Process Client Data only on the Client’s behalf and for the purposes set out in this DPA and TOS
– Not use Client Data for its own independent purposes
– Inform the Client if an instruction conflicts with Applicable Data Protection Law

3.2 Confidentiality

Estajo ensures that authorized personnel are bound by confidentiality obligations, receive appropriate training, and access Client Data only as necessary for their role.

3.3 Technical and Organizational Measures (TOMs)

Estajo maintains appropriate TOMs to protect Client Data, including:

– Access controls and role-based permissions
– Encryption in transit and at rest
– Network and application security monitoring
– Backup and disaster recovery procedures
– Vendor management and third-party security requirements
– Security governance and incident response

A summary is provided in Appendix 2. Estajo may update TOMs over time without reducing their overall level of protection.

3.4 Security Incident Response

Estajo maintains procedures to detect, respond to, and remediate security incidents, including Personal Data Breaches, and will notify the Client in accordance with Section 6.2.


4. SUB-PROCESSING

4.1 Authorization of Sub-processors

The Client authorizes Estajo to engage Sub-processors for processing Client Data, subject to the requirements of this Section.

4.2 Sub-processor Requirements

Estajo will enter into written agreements with Sub-processors imposing data protection obligations no less protective than those in this DPA. Estajo remains responsible to the Client for Sub-processor performance.

4.3 Sub-processor List and Changes

A current list of Sub-processors is provided in Appendix 1. Estajo will provide at least 30 days’ prior notice of any new Sub-processor additions via email or in-app notification. If the Client reasonably objects to a new Sub-processor on data protection grounds, it may notify Estajo in writing within that 30-day period and Estajo will work in good faith to address the concern.


5. PRIVACY RIGHTS REQUESTS AND COOPERATION

5.1 Assistance with Privacy Rights Requests

The Client is responsible for responding to privacy rights requests from individuals relating to Client Data. Estajo will provide reasonable assistance, including tools within the Service to search, export, correct, or delete data.

5.2 Direct Requests to Estajo

If Estajo receives a privacy rights request directly from an individual relating to Client Data, Estajo will, where appropriate, direct the requester to the Client and notify the Client, unless prohibited by law.

5.3 Client Responsibilities

The Client is responsible for verifying identity, determining the validity of requests, applying any applicable legal exemptions, and communicating with individuals regarding their privacy rights requests.


6. DATA SECURITY AND BREACH NOTIFICATION

6.1 Security Measures

Estajo maintains the TOMs described in Section 3.3 and Appendix 2 and updates them as needed to address evolving risks.

6.2 Personal Data Breach Notification

In the event of a confirmed Personal Data Breach affecting Client Data, Estajo will:

– Notify the Client without undue delay and within any timeframe required by Applicable Data Protection Law, providing available details of the breach;
– Take appropriate steps to contain, investigate, and remediate the incident;
– Provide reasonable cooperation so the Client can meet its own legal notification obligations under PIPEDA, applicable provincial law, or US state law as applicable.

6.3 Cooperation and Documentation

Estajo will maintain records of Personal Data Breaches and make relevant information available to the Client and, where required, to applicable regulatory authorities.


7. AUDITS AND COMPLIANCE

7.1 Client Audit Rights

Subject to reasonable notice, frequency, scope, and confidentiality requirements, the Client may:

– Review relevant documentation and security reports; or
– Request confirmation of Estajo’s compliance with this DPA following a material security incident.

Estajo may satisfy audit requirements by providing independent third-party certifications or reports where available.

7.2 Documentation and Records

Estajo will maintain records of processing activities and make them available as necessary to demonstrate compliance with Applicable Data Protection Law.


8. CROSS-BORDER DATA TRANSFERS

8.1 Transfer Scope

Client Data may be processed in both Canada and the United States depending on which Sub-processors are used to deliver the Service.

8.2 Transfer Safeguards

Data transfers between Canada and the US are governed by contractual safeguards with Sub-processors, including data processing agreements that impose obligations consistent with PIPEDA and applicable US privacy laws.

8.3 Additional Measures

Estajo implements supplementary technical safeguards — including encryption and access controls — and monitors relevant legal developments to maintain an adequate level of protection for Client Data regardless of where it is processed.


9. DATA RETURN AND DELETION

During the Subscription Term, all Users may export subsets of lead profile data at any time using the advanced filter export feature. The Super Admin may also initiate a full bulk download of all lead profile data at any time during the active Subscription Term.

Upon cancellation or expiration of the Subscription Term:

– The Super Admin retains access to a dedicated bulk download page for up to 30 days to download all lead profile data — including closed deal records — in CSV or ZIP format.
– The bulk download feature during the grace period is accessible to the Super Admin only.
– The intelligence history of closed deals — including notes, AI chatbox conversation history, AI analysis results, and activity history — is not included in any export format and must be manually retrieved by the Client from the Service before cancellation takes effect.
– The following additional data types are also not included in the automated export and must be retrieved manually: uploaded files, notes on active leads, activity history, tasks, AI chatbox conversation history, and AI analysis results for active leads.
– After the 30-day period, all Client Data — including all closed deal records and intelligence history — will be permanently and irreversibly deleted from active systems and backups, subject to any legal record-keeping requirements.
– In the case of cancellation due to non-payment, the deletion timeline follows Section 6.3 of the TOS (Day 29 from payment failure).
– At the Client’s written request, and subject to legal obligations, Estajo will confirm in writing when deletion of Client Data from its systems has been completed.


10. LIABILITY AND INDEMNIFICATION

Liability under this DPA is subject to the limitations and exclusions set out in the TOS, except where Applicable Data Protection Law prohibits such limitations.

Each party will be responsible for damages arising from its own breach of this DPA or Applicable Data Protection Law in accordance with the liability provisions of the TOS.


11. TERM AND CANCELLATION

This DPA applies for as long as Estajo processes Client Data on behalf of the Client under the TOS. Provisions relating to data protection, confidentiality, and data deletion survive cancellation of the TOS to the extent necessary to give effect to those obligations.


12. GENERAL PROVISIONS

Governing Law and Jurisdiction: As specified in the TOS — the laws of Ontario, Canada and applicable federal Canadian laws, with exclusive jurisdiction in Ottawa, Ontario.

Order of Precedence: In case of conflict, this DPA prevails over the TOS with respect to data protection matters.

Severability: If any provision is held invalid or unenforceable, the remaining provisions remain in full force.

Amendments: Estajo may update this DPA to reflect legal or operational changes, providing at least 30 days’ notice. Continued use of the Service after the effective date constitutes acceptance of the updated DPA.


APPENDIX 1 — SUB-PROCESSOR LIST

Current as of: May 17th, 2026

Sub-processor | Service Provided | Location
Microsoft Azure | Cloud hosting and infrastructure | USA
Amazon Web Services | Data storage and backup | USA
Stripe | Payment processing | USA
Syncfusion | Document editor and processing | USA
OpenAI | AI/LLM feature processing | USA
Anthropic | AI/LLM feature processing | USA
Google | AI/LLM feature processing | USA

All plan features and limits are shared across all Users on the account unless otherwise stated. Active project limits apply to open deals only — closed deals do not count toward the active project limit.

Estajo will provide at least 30 days’ prior notice of any additions or material changes to this list via email or in-app notification. This list was last updated May 17th, 2026.


APPENDIX 2 — TECHNICAL AND ORGANIZATIONAL MEASURES (SUMMARY)

Estajo maintains the following measures to protect Client Data:

Access Control: Role-based access permissions, unique credentials, multi-factor authentication for administrator access, and session management.

Encryption: TLS encryption for data in transit; industry-standard encryption (AES-256 or equivalent) for data at rest.

Network and Application Security: Firewalls, security monitoring, vulnerability management, and secure software development practices.

Resilience and Backup: Regular backups, defined retention schedules, and disaster recovery and business continuity planning.

Personnel Security: Confidentiality obligations for all personnel with access to Client Data, and security awareness practices.

Physical Security: Client Data is hosted in secure data centers operated by our infrastructure Sub-processors (Microsoft Azure and Amazon Web Services) with restricted physical access and environmental controls.

These measures may be updated over time, provided the overall level of protection is not materially reduced. Estajo will notify Clients of any changes that materially affect the protection of Client Data.


APPENDIX 3 — CONTACT INFORMATION

For all privacy, data protection, and legal matters:

Legal and Privacy: legal@estajo.com
Product Support: help@estajo.com

Estajo — Legal
Operated by: Ifiok Charles
Address: 105 Champagne Avenue, Ottawa, Ontario, K1S 5E5, Canada


DOCUMENT CONTROL

Version History:
– Version 1.0 — December 17th, 2025 (initial release)
– Version 1.1 — May 17th, 2026 (updated for sole proprietorship, Canada/US scope, AI sub-processors, cancellation language, Closed Deal Archive, active project limit clarification, data export features, Super Admin bulk download, shared features, AI chatbox/analysis export exclusions, support contact information, 30-day grace period)

This document will be reviewed periodically and updated as necessary to reflect changes in the Service, legal requirements, or industry best practices.

© 2026 Estajo — All Rights Reserved