Privacy Policy

SimpL S.r.l. ("SimpL," "we," "us," or "our") is committed to protecting and respecting your privacy. This Privacy Policy ("Policy") describes how we collect, use, store, share, and protect personal data in compliance with the General Data Protection Regulation (GDPR) when you: • Visit and use our website(s): simpl.sales (the "Website"). • Interact with our software platform, subscription services, or related tools and applications (collectively, the "Services"). • Communicate with us by email, phone, or other channels. By using our Services, you agree to the collection and use of personal data according to this Policy. However, if you do not agree with any part of this Policy, please do not use our Services.

• Company Name: SimpL S.r.l. • Registered Address: Via Vittor Pisani 8, 20124 Milan, Italy • Privacy Contact: Privacy Team • Email: privacy@simpl.sales SimpL provides B2B lead-generation software that helps recruiting and staffing agencies identify, enrich, and score potential sales leads based on publicly available data and customer-defined ideal customer profiles ("ICPs"). Our Role as Data Controller / Processor SimpL S.r.l. is generally the Data Controller of personal data we collect for our own purposes (e.g., operating our Website, creating user accounts, billing). However, in certain cases—when our customers upload, input, or otherwise manage personal data regarding their own leads or candidates in our platform—our customers act as Data Controllers, and SimpL processes such data as their Data Processor according to their instructions and our contractual agreements.

This Policy applies to information we collect from: 1. Website Visitors – Individuals who browse our publicly accessible Website. 2. Customers and Authorized Users – Individuals or entities subscribing to our Services (including users who access leads, pipelines, or team features). 3. Leads and Business Contacts – Individuals whose data we collect, enrich, or score on behalf of our customers for recruiting or sales outreach purposes. Important: This Policy does not cover information collected offline or by any third-party websites/services not under our control.

We process personal data for the following GDPR-compliant purposes: 1. Service Provision & Operations • Creating and managing user accounts. • Generating and refining daily lead databases. • Matching leads against ICPs. • Implementing AI-driven scoring and analytics. 2. Billing & Subscription Management • Handling subscription payments for single or multi-user licenses. • Enforcing subscription terms (usage limits, team features, etc.). 3. Customer Support & Communications • Addressing inquiries, troubleshooting, and feedback. • Sending updates about features, policy changes, or service notifications. 4. Research & Development (R&D) • Improving our AI models, scoring algorithms, and platform functionalities. • Conducting aggregate analytics on usage trends. • Creating anonymized or de-identified data sets for business insights. 5. Marketing (With Consent, If Required) • Sending optional promotional emails or updates about features and expansions. • You may opt out at any time. 6. Legal & Compliance • Complying with applicable laws, regulations, or legal processes. • Investigating fraudulent, unauthorized, or malicious activity (e.g., hacking, identity theft). • Enforcing agreements, including Terms of Service and subscription contracts. 7. Other: With your explicit consent for any additional purpose disclosed at the time of collection.

If you reside in the European Economic Area (EEA) or UK, the lawful bases under the GDPR/UK GDPR include: • Performance of a Contract: Necessary to provide the Services or perform a contract. • Legitimate Interests: For platform operations, fraud prevention, direct marketing, or analytics, unless overridden by your data protection interests. • Consent: For marketing communications, cookies (where required), or data sharing not covered by legitimate interests. You can withdraw consent at any time. • Legal Obligations: Compliance with applicable laws (e.g., tax, accounting, or data protection requirements).

We implement commercially reasonable measures to safeguard personal data, including: • Encryption in transit and/or at rest (where feasible). • Access controls and authentication. • Firewalls and network monitoring. While no method of transmission or storage is 100% secure, we make good-faith efforts to protect your data. In the event of a data breach that poses a risk to your rights and freedoms, we will notify affected individuals and/or supervisory authorities promptly, in line with GDPR requirements.

If you are in the EEA or UK, you have the following rights regarding your personal data, subject to certain legal limitations: 1. Right of Access: Request a copy of your personal data and supplementary information. 2. Right to Rectification: Correct inaccurate or incomplete personal data. 3. Right to Erasure ("Right to be Forgotten"): Request deletion of your data where there's no lawful basis for continued processing. 4. Right to Restrict Processing: Ask us to restrict the processing of your data under certain circumstances. 5. Right to Object: Object to processing based on legitimate interests or for direct marketing purposes. 6. Right to Data Portability: Receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller. 7. Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time without affecting previous lawful processing. To exercise these rights, please email us at privacy@simpl.sales. We may require reasonable proof of your identity to protect personal data from unauthorized access. Right to Lodge a Complaint: If you believe your rights have been violated, you can also file a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali) or with the supervisory authority in the EU Member State of your habitual residence, place of work, or alleged infringement.

We use cookies, web beacons, and local storage for: • Session Management: Keeping you logged in and personalizing content. • Analytics: Understanding usage patterns to improve our Services. • Preferences: Storing language or layout preferences. When you first visit our Website, you may see a cookie banner or consent tool allowing you to accept or reject non-essential cookies. Essential cookies are always enabled for the operation of our site. • Blocking Cookies: You can typically block or delete cookies through your browser settings, but doing so may limit some functionality. • Consent Management: Where required, we ask for your prior consent for non-essential cookies.

We retain personal data only as long as necessary to fulfill the purposes outlined in this Policy, including to: • Provide and improve our Services. • Comply with legal or accounting obligations (e.g., tax record-keeping). • Resolve disputes or enforce agreements. For example: • Account Data is retained for as long as your account remains active and for up to 2 years after closure for legal or contractual obligations. • Billing / Transaction Records are retained for 7 years per local tax/accounting rules. • Marketing Data is retained until you unsubscribe or for up to 2 years from your last interaction. We regularly review such data and delete or anonymize it when it is no longer required.

Our Services are not intended for individuals under 16 years of age (or the minimum age required by local law). We do not knowingly collect personal data from minors. If you believe we have inadvertently collected such data, please contact us at privacy@simpl.sales, and we will promptly delete it.

We use artificial intelligence and machine learning to enrich and score leads, but no solely automated decision produces legal or similarly significant effects without human intervention. If you have concerns about our AI processes, please contact us to request further information or human review.

We reserve the right to modify or update this Policy at any time. When we make changes, we will: • Post the new version on our Website with an updated "Last Updated" date. • Notify you via email or prominent notice if the changes are significant. Continuing to use our Services after such updates indicates your acceptance of the revised Policy.

If you have any questions, requests, or concerns about this Policy or your personal data, please contact us: SimpL S.r.l. Attn: Privacy Team Via Vittor Pisani 8 20124 Milan, Italy Email: privacy@simpl.sales We aim to respond to your request within one month (or as required by GDPR). Thank you for trusting SimpL with your data!