WE WILL POST ANY CHANGES TO THIS PRIVACY POLICY IN A NOTICE OF THE CHANGE AT THE BOTTOM OF OUR WEB PAGE WITH A HYPERLINK THERETO. PLEASE REGULARLY REVIEW THIS PRIVACY POLICY. NOTWITHSTANDING IF YOU CONTINUE TO USE OUR SERVICES, YOU ARE BOUND BY ANY CHANGES THAT WE MAKE TO THIS PRIVACY POLICY.

1. INTRODUCTION

Numberless, Inc. (“Numberless,” “we,” “us,” or “our”) respects the privacy of its Users (“User”, “your” or “you”). Numberless “Services” are (a) an end-to-end encrypted communication application (the “App” or “Port”) that allows people to connect and communicate with each other without using emails, usernames or phone numbers. (b) the websites portmessenger.com, port.numberless.tech, porting.me (collectively referred to as the “Website” or “Web page” or “Websites”).

This Privacy Policy (the “Privacy Policy”) explains how we collect, use, disclose, and safeguard your information when you use our Services. Numberless is committed to protecting the privacy of its Users whose information is collected and stored while using our Services. This Privacy Policy is applicable to our Services offered to the public.

The capitalized terms have the same meaning as ascribed in our Terms of Use or Terms of Service as applicable, unless otherwise noted here.

PLEASE READ THIS PRIVACY POLICY CAREFULLY TO UNDERSTAND OUR POLICIES AND PRACTICES. BY ACCESSING OR USING OUR SERVICES, YOU AGREE TO ACCEPT ALL THE TERMS CONTAINED IN THIS PRIVACY POLICY AND ACKNOWLEDGE AND AGREE WITH THE PRACTICES DESCRIBED HEREIN. IF YOU DO NOT AGREE WITH THE TERMS OF THIS PRIVACY POLICY, PLEASE DO NOT ACCESS AND USE OUR SERVICES.

IF YOU HAVE ANY QUESTIONS REGARDING THIS PRIVACY POLICY, PLEASE SEND US AN EMAIL AT CONTACT@MAIL.NUMBERLESS.TECH

WE DO NOT SELL YOUR PERSONAL INFORMATION, NOR DO WE INTEND TO DO SO. WE DO NOT GIVE ACCESS TO YOUR PERSONAL INFORMATION TO THIRD PARTIES EXCEPT TO SUBPROCESSORS TO ASSIST US IN THE PROVISION OF OUR SERVICES TO YOU.

2. INFORMATION WE COLLECT ON PORT

We built Port to help connect people without having to share sensitive personal information. This includes the information our users share with us. We pride ourselves on our privacy practices. As such, PORT DOES NOT COLLECT AND STORE ANY PERSONALLY IDENTIFIABLE INFORMATION. This includes information such as User names, emails, phone numbers or IP addresses.

To improve the performance of the App, we sometimes collect anonymised performance and crash reports. These reports DO NOT include IP addresses, device identifiers or any other information that can be used to uniquely identify you.

Additionally, our client codebase is open source and users can verify that the client is not collecting and transmitting any information in violation of this policy.

3. INFORMATION WE COLLECT ON OUR WEBSITES

We use third-party Cookies from Google Analytics on our websites that collect certain information. This includes but is not limited to browser type, operating system, IP address, geography details, pages visited, time spent and interaction data. You can adjust Your Cookie settings through Our Cookie consent manager. You can either (i) accept all Cookies, (ii) accept necessary Cookies, or (c) reject all Cookies when You visit Our Websites.

In addition, we may collect certain personal information (also referred to as “Personally Identifiable Information” or “PII”) if you provide it voluntarily when submitting forms or signing up for a service on our websites.

4. HOW DO WE PROTECT PERSONALLY IDENTIFIABLE INFORMATION WE COLLECT?

1. We have implemented commercially acceptable security policies, rules and technical measures as required under applicable law, to protect any kind of Personally Identifiable Information that we have under our control from unauthorized access, improper use or disclosure, unauthorized modification and unlawful destruction or accidental loss.

2. Our Services receive regular security scans, penetration tests, and malware scans. In addition, we mandate the requirement of usernames and passwords for our employees who can access your Personally Identifiable Information that we store and/or process on our servers.

3. All the Personally Identifiable Information you provide to us is stored on our secure servers behind firewalls. The safety and security of your Personally Identifiable Information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

4. However, it is contended that no method of transmission over the internet, or method of electronic storage, is 100% secure. Thus, while we strive to protect your Personally Identifiable Information, we cannot ensure and do not warrant the absolute security of any Personally Identifiable Information you transmit to us. We are not responsible for circumvention of any privacy settings or security measures contained on our Website and/or App.

5. DATA BREACH PROTOCOL

1. In the event of any breach to the Personally Identifiable Information we will, at the earliest instance, intimate the concerned government authority(ies) and the User about such breach, in accordance with applicable law. We will oblige with any directions, including urgent remedial or mitigation measures, as provided by the government authority(ies).

2. We agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.

6. DISCLOSURE OF PERSONALLY IDENTIFIABLE INFORMATION

1. There may be instances when Personally Identifiable Information that you have shared with us may be shared with other third-parties (as listed below) to enable us to provide you with our Services, including contractors and service providers (“Partners”). We will ensure that our Partners protect your Personally Identifiable Information in accordance with the safety standards prescribed by applicable law.

2. We reserve the right to disclose your Personally Identifiable Information (i) to comply with any court order, law, or legal process, including to respond to any government or regulatory request, (ii) to enforce or apply our Terms of Use or Terms of Service and other agreements, including for billing and collection purposes, (iii) if we believe it is necessary or appropriate to protect the rights, property, or safety of Numberless, our customers or others, and this includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

3. We do not sell, trade, rent, or otherwise transfer Personally Identifiable Information to others.

7. LIST OF THIRD-PARTY SERVICE PROVIDERS

Numberless uses the following third-party service providers for the provision of Services as detailed under the Terms of Use or Terms of Service, as applicable.

Name of Third-Party Service Providers:

1. Amazon Web Services, Inc.

· Role: Cloud infrastructure & hosting

· Data Processed: Customer content (encrypted), API logs, usage metrics

· Location: Global · Privacy Policy: https://aws.amazon.com/privacy/

2. Firebase Cloud Messaging (Google)

· Role: Push-notification delivery service

· Data Processed: Device registration tokens, delivery receipts, crash logs

· Location: Global · Privacy Policy: https://firebase.google.com/support/privacy

3. Sentry (Sentry.io)

· Role: Error monitoring & performance tracking

· Data Processed: Error events (stack traces, exceptions, release data), performance traces, device & environment metadata (including IP addresses)

· Location: Global · Privacy Policy: https://sentry.io/privacy/

Additionally, if you have any questions or concerns about our third-party service providers, please email us at contact@mail.numberless.tech.

8. YOUR RIGHTS

1. Data Retention: We shall retain any Personally Identifiable Information and all the content therein, that you may have provided to us, for as long as required for the specific purpose(s) for which it was collected, stored and processed for.

2. Consent Withdrawal: You can withdraw your consent for storing and/or processing of your Account Information at any time.

3. Objection: You can contact us to let us know that you object to the collection or use of your personal data for certain purposes.

4. Access or deletion of Information: In accordance with applicable law, you have the right to access or request the deletion of your Personally Identifiable Information from our systems.

5. Rectification of Information: If you believe that any Personally Identifiable Information that we are holding about you is incorrect or incomplete, you can request us to correct or supplement the same. You can also correct some of this information directly by logging into your service account. Please contact us as soon as possible upon noticing any such inaccuracy or incompleteness.

6. Grievance Redressal Mechanism: You have the right to a grievance redressal provided by us in respect of any act or omission by us regarding the performance of our obligations in relation to your Personally Identifiable Information.

7. Restriction of Processing: You can ask us to restrict further processing of your Personally Identifiable Information.

8. Portability: You have the right to ask for a copy of your Personally Identifiable Information in a machine-readable format. You can also request that we transmit the data to another entity where technically feasible.

9. Right to File Complaint: You have the right to lodge a complaint about our practices with respect to your Personally Identifiable Information with the supervisory authority of your country.

To exercise any of the above-mentioned rights or seek further details on the process, you are encouraged to contact us at privacy@mail.numberless.tech.

9. CALIFORNIA PRIVACY RIGHTS

Numberless does not sell, trade, or otherwise transfer to outside third parties your “Personal Information” as the term is defined under the California Civil Code Section § 1798.82(h). Additionally, California Civil Code Section § 1798.83 permits Users of our Services that are California residents to request certain information regarding our disclosure of their Personal Information to third parties for their direct marketing purposes. To make a request for such disclosure, or identification and/or deletion of Personal Information in all our systems that we store on you, please send an email to privacy@mail.numberless.tech.

10. COPPA COMPLIANCE (FOR CHILDREN UNDER 13 USERS ONLY)

The Children’s Online Privacy Protection Act (“COPPA”) is a federal legislation that applies to entities that collect and store “Personal Information,” as the term is defined under COPPA, from children under the age of 13. We are committed to ensure compliance with COPPA. Our Services are not meant for use

by children under the age of 13. We do not collect and store personal information. Our Services do not target children under the age of 13, but we do not age-screen or otherwise prevent the collection, use, and personal disclosure of persons identified as under 13. If you would like to know more about our practices and specifically our practices in relation to COPPA compliance, please email us at contact@mail.numberless.tech.

IF YOU ARE UNDER 13, PLEASE DO NOT ACCESS OR USE OUR SERVICES.

11. CAN-SPAM ACT OF 2003

The CAN-SPAM Act establishes requirements for commercial messages, gives recipients the right to have businesses stop emailing them, and spells out penalties for violations. Per the CAN-SPAM Act, we will:

1. not use false or misleading subjects or email addresses;

2. identify the email message as an advertisement in some reasonable way;

3. include the physical address of Numberless, Inc., which is Numberless, Inc., 355 Bryant St #407, San Francisco CA 94107.;

4. monitor third-party email marketing services for compliance, if one is used;

5. honor opt-out/unsubscribe requests quickly; and

6. give an “opt-out” or “unsubscribe” option.

12. ANTI-BRIBERY COMPLIANCE

Numberless represents and warrants that it is fully aware of and will comply with, and in the performance of its obligations hereunder will not take any action or omit to take any action that would cause it or its customers to be in violation of, (i) U.S. Foreign Corrupt Practices Act, (ii) U.K. Anti-Bribery Act, (iii) India Prevention of Corruption Act of 1988, or (iv) any other applicable anti-bribery statutes and regulations, and (v) any regulations promulgated under any such laws. Company represents and warrants that neither it nor any of its employees, officers, or directors is an official or employee of any government (or any department, agency or instrumentality of any government), political party, state owned enterprise or a public international organization such as the United Nations, or a representative or any such person (each, an “Official”). Company further represents and warrants that, to its knowledge, neither it nor any of the Supplier Personnel has offered, promised, made or authorized to be made, or provided any contribution, thing of value or gift, or any other type of payment to, or for the private use of, directly or indirectly, any Official for the purpose of influencing or inducing any act or decision of the Official to secure an improper advantage in connection with, or in any way relating to, (A) any government authorization or approval involving Numberless, or (B) the obtaining or retention of business by Numberless. Supplier further represents and warrants that it will not in the future offer, promise, make or otherwise allow to be made or provide any payment and that it will take all lawful and necessary actions to ensure that no payment is promised, made or provided in the future by any of the Supplier Personnel.

13. GOVERNING LAW

We comply with applicable data protection laws, including but not limited to the General Data Protection Regulation (“GDPR”) for users in the European Economic Area (“EEA”), Digital Personal Data Protection Act, 2023, Information Technology Act, 2000 and rules made thereunder and any other relevant laws, regulations applicable in jurisdictions where we offer our Services.

Any legal actions or proceedings arising out of or related to the use of the App must be brought exclusively in the courts of Delaware, the United States of America, and you consent to the exclusive jurisdiction of courts of Delaware, the United States of America.

14. GRIEVANCE OFFICER

The App is committed to addressing grievances in a fair and timely manner. Users can report grievances directly through the app or by contacting our designated grievance officer. Specific concerns are addressed as follows:

1. Reporting Child Sexual Abuse Material (CSAM): If you come across any material on our App that may qualify as CSAM, it must be reported in compliance with applicable law on our App. Such reports will be escalated to the National Center for Missing and Exploited Children (NCMEC), as mandated.

2. Copyright Infringement Claims: If you believe that any content on our App infringes your copyright, you may submit a written notification pursuant to the Digital Millennium Copyright Act of 1998 (“DMCA Takedown Notice”) to our designated Copyright Agent, Aniruddh Balasubramaniam, via email at privacy@mail.numberless.tech. The notification must include:

1. Your physical or electronic signature;

2. Identification of the copyrighted work(s) you claim to be infringed;

3. Identification of the infringing material and its location on the App;

4. Sufficient details to locate the material;

5. Your contact information, including address, phone number, and email;

6. A statement of good faith belief that the material's use is unauthorized; and

7. A statement confirming the accuracy of your claim and, under penalty of perjury, that you are the copyright owner or authorized to act on their behalf.

Please note that incomplete or false notifications may expose the complainant to liability for damages as stipulated under 17 U.S.C. § 512(f).

c. Other Grievances: All other concerns or complaints can be reported through the app or directly to:

Name: Aniruddh Balasubramaniam

Designation: Chief Executive Officer

Email: privacy@mail.numberless.tech

Our team is dedicated to resolving all grievances promptly while ensuring compliance with applicable laws and regulations.

15. MODIFICATIONS TO OUR PRIVACY POLICY

1. We reserve the right to make changes to this Policy at any time. Any such modification will become effective immediately upon Numberless posting it on the Website and notifying you on the App. You agree and acknowledge to periodically review the latest version of the Privacy Policy, as may be updated by us. If you do not agree with the terms of the Policy, you may choose to not use our Services.

2. We will post any changes to this Privacy Policy in a notice of the change on our Website and our App. You agree and acknowledge to regularly review the changes made to the Privacy Policy.

16. CONTACT US

To ask questions or comment about this Privacy Policy and our privacy practices, contact us at:

Email: privacy@mail.numberless.tech

Address: Numberless, Inc., 355 Bryant St #407, San Francisco CA 94107.

PLEASE NOTE: IF YOU USE OUR SERVICES, YOU HAVE AGREED TO AND ACCEPTED THE PRACTICES DESCRIBED IN THIS PRIVACY POLICY AND OUR TERMS OF USE, AS APPLICABLE. IF YOU DO NOT AGREE WITH THE TERMS OF THIS PRIVACY POLICY OR OUR TERMS OF SERVICE, PLEASE DO NOT USE OUR SERVICES.