This privacy policy (“Privacy Policy”) discloses the privacy practices of IDENCE, AE’s online customer identity and access management platform (“IDENCE”, “we”, “us”, or “our”).

AE values the privacy of individuals who use the IDENCE platform and other services (“IDENCE and Other Services”) and we are dedicated to safeguarding all personal data that we collect.

This Privacy Policy applies to personal data that we collect from users accessing and using IDENCE and
Other Services.

We collect and process your personal data in accordance with the rules of the Regulation (EU) 2016/679
of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with
regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), and the national implementing legislation.

We reserve the right to make any changes to our Privacy Policy. By using IDENCE and Other Services you
give us permission to collect your personal data for the purposes as indicated in this Privacy Policy.

This Privacy Policy describes the personal data we collect, how we use personal data, security measures
and your data, your rights.

1. Information we collect

IDENCE may collect and receive information and data in a variety of ways:

  • Webportal access.

To create or update a Webportal access Customer supplies IDENCE with an email address, phone number, password, domain and/or similar account details. your first name, last name, email address, and company
name (if applicable).

  • Usage Information.
  • Cookie Information.

IDENCE uses cookies and similar technologies in our Webportal and Services that help us collect information. The Webportal and Services may also include cookies and similar tracking technologies of third parties, which may collect Other Information about you via
the Website and Services and across other websites and online services. For more details about how we use these technologies, please see our Cookie Policy.

  • Third Party Services.

Customer can choose to permit or restrict Third Party Services for their Webportal. Typically, Third Party
Services are software that integrate with our Services, and Customer can permit its Authorized Users to
enable and disable these integrations for their Webportal. Once enabled, the provider of a Third Party
Service may share certain information with IDENCE. For example, if a cloud storage application is enabled
to permit files to be imported to a Webportal, we may receive user name and email address of Authorized
Users, along with additional information that the application has elected to make available to IDENCE to facilitate the integration. Authorized Users should check the privacy settings and notices in these Third
Party Services to understand what data may be disclosed to IDENCE. When a Third Party Service is enabled, IDENCE is authorized to connect and access Other Information made available to IDENCE in accordance
with our agreement with the Third Party Provider. For example, you may choose to sign-in using your Google,
or your company identity provider account. By signing-in using your Third Party account, the Third Party will supply IDENCE any and all information that you have authorized the Third Party to provide to us. Such information may include your first and last name, unique identifier, e-mail address and picture. If you would
like to know more about 3rd parties or any other information about them, you can write an email to

  • Contact Information.

In accordance with the consent process provided by your device, any contact information that an Authorized User chooses to import is collected when using the Services.

  • Third Party Data.

IDENCE may receive data about organizations, industries, marketing campaigns and other matters related to our business from parent corporation(s), affiliates and subsidiaries, our partners or others that we use to make our own information better or more useful. This data may be combined with other information we collect and might include aggregate level data, such as which IP addresses correspond to zip codes or countries. Or it
might be more specific: for example, how well an online marketing or email campaign performed.

2. How we use information

We use your personal data to establish and enhance our relationship with you. We also use your personal data
to provide, maintain, protect, promote and improve our IDENCE platform and to develop new services. Your personal data is only stored for as long as necessary to achieve the purposes for which they were collected.

We may use your personal data;

  • to communicate with you. For example, to provide feedback to your questions, to promote our services
    to you, or to share content that we think you may be interested in.

  • to customize our service to you. For example, we may re-use your personal data so you don’t have to
    re-enter it again at a later time or to tailor what content we deliver to you.

  • to facilitate delivery of IDENCE and other services.

  • for our own internal reports so that we can monitor and improve our services.

  • for our customer’s reports if you are an end user of our customer.

We may also provide personal data to third parties that perform internal business functions on our behalf.
We only work with third parties that are GDPR compliant.

We may also share anonymous aggregated data with our customers, prospective customers, partners or
the press in order to demonstrate the usage of IDENCE and other services and for marketing purposes.

We will only disclose your personal data:

  • with your consent. We will only share personal data with companies other than AE NV with your consent. Please be aware that any personal data that you choose to display on any publicly available portion of our website or on our social media channels becomes publicly available and may be collected and used by us and other parties.

  • for legal reasons. We may disclose personal data if we are required to by a subpoena or by any other judicial or administrative order required by law.

  • To enforce our rights, prevent fraud, and for safety. To protect and defend the rights, property or safety
    of IDENCE or third parties, including enforcing contracts or policies, or in connection with investigating
    and preventing fraud or security issues.

3. Security

IDENCE implements reasonable and appropriate security measures to protect your personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in processing and the nature of such data, and comply with applicable laws and regulations. IDENCE conducts penetration tests and audits of its servers and networks.

Please understand, however, that no security system is impenetrable. We cannot guarantee the security of
our databases, nor can we guarantee that the information you supply will not be intercepted while being transmitted to and from us over the Internet. In particular, e-mail sent to or from the Service may not be
secure, and you should therefore take special care in deciding what information you send to us via e-mail.
Any unauthorized access to or use of this Service or information collected and maintained by this Service
should be immediately brought to our attention by sending us an email at

4. Your data, your rights

You have a right to be informed of Personal Data processed by IDENCE, a right to rectification/correction, erasure and restriction of processing. You also have the right to receive from IDENCE a structured, common
and machine-readable format of Personal Data you provided to us.

We can only identify you via your email address and we can only adhere to your request and provide
information if we have Personal Data about you through you having made contact with us directly
and/or you using our site and/or service. We cannot provide, rectify or delete any data that we store
on behalf of our Authorized Users or Customers.

To exercise any of the rights mentioned in this Privacy Policy and/or in the event of questions or comments relating to the use of Personal Data you may contact IDENCE's privacy team:

Where you have provided consent, you may withdraw it at any time, without affecting the lawfulness of the processing that was carried out prior to withdrawing it. Whenever you withdraw consent, you acknowledge
and accept that this may have a negative influence on the quality of IDENCE or even impede the provision
of the Services . You further agree that IDENCE shall not be held liable with respect to any loss and/or
damage to your Personal Data if you choose to withdraw consent.

Where Personal Data is processed for the above purposes on the basis of IDENCE's legitimate interests, under the GDPR, you may object to such processing at any time. To do so please contact: