B. Sensei adheres to the U.S. Safe Harbor privacy principles of Notice, Choice, Onward Transfer, Security, Data Integrity, Access, and Enforcement.

A. Information collected by Sensei
1. Sensei collects information about users when they register to receive “Bytes in Brief.” This information includes such things as names, addresses, company names, e-mail addresses and IP addresses.

2. Sensei obtains access to client information through forensic searches requested by the client. All information is subject to a confidentiality clause in the Forensics Services Agreement, which states, “To the extent that Sensei is granted access to trade secrets or other confidential information and materials of Client, Sensei agrees to hold such secrets, information and materials in confidence.”

3. Sensei is not responsible for the content or privacy policies of any web site to which it provides links.

B. Use of Information
1. Information collected is used internally within the company to deliver “Bytes in Brief” and to analyze demographic information about subscribers/users.

2. Sensei does not and will not share personal information with any Third Party, other than by court order.

3. Sensei does not use any personal information to mail or e-mail promotional materials on its own behalf.

4. Sensei does not use “cookies.”

5. Upon request Sensei will remove users (and their personal information) from our database.

6. Information obtained from clients under a Forensic Services Agreement will only be used by Sensei in connection with and under the terms of the agreement.

A. Use of information by a Third Party
Sensei does not and will not share personal information with a Third Party. If Sensei is going to disclose information to a third party, we pledge to give users the opportunity to opt-out of providing their personal information.

B. Use Inconsistent with Original Intent
If Sensei is going to use information for a purpose that is incompatible with the purpose(s) for which it was originally collected or subsequently authorized by the individual, we pledge to give users the opportunity to optout of providing their personal information.

C. Sensitive Information
If Sensei is going to collect sensitive information, we pledge to give the user an explicit choice to opt-in if the information is going to be disclosed to a third party, or used for a purpose other than those for which it was originally collected or subsequently authorized by any individual.

1. We also pledge to treat any information from a third party that also identifies the information as sensitive in the same manner.

2. Sensitive information, as defined in the U.S. Safe Harbor Workbook, includes personal information specifying health or medical conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or information specifying the sex life of the individual.

A. Before Sensei will disclose information to a third party, other than by court order, Sensei will abide by the principles of Notice and Choice.

B. Though Sensei does not disclose information to Third Parties, other than by court order, if Sensei discloses information to a Third Party in the future, it will:

1. Ascertain that the Third Party ascribes to the Principles, or is subject to another adequacy finding or

2. Sign a written agreement with such Third Party requiring that the Third Party provide at least the same level of privacy protection as is required by the relevant Principles.

C. As long as Sensei has satisfied the requirements of the Principles, Sensei will not be deemed to have violated the Principles if the Third Party misuses the data, unless Sensei knew or should have known the Third Party would misuse the information in such a way.

A. How Sensei protects client information from loss, misuse, and unauthorized access, disclosure, alteration, and destruction.

1. Client data that Sensei collects and uses during investigations is kept in a storage locker inside of our computer forensics lab, which is protected by a dualauthentication biometric system.

2. For more sensitive client matters, Sensei stores electronic data within a dualauthentication fire safe within the computer forensics lab accessible only to Sensei’s President, Vice President, and Director of Computer Forensics.

3. Only authorized forensic employees have access to the computer forensics lab and the data stored within it. Non-forensic employees do not have access to the computer forensic lab.

4. Access to and from the computer forensics lab is recorded 24 hours a day, 7 days a week, and recorded footage is archived at the end of every month.

5. Data is removed from the storage locker only when needed and promptly placed back into the storage locker when no longer in use.

6. Client data may not leave the computer forensics lab, or the office facility without first filling out the proper chain-of-custody documentation.

B. How Sensei protects Bytes information from loss, misuse, and unauthorized access, disclosure, alteration, and destruction.

1. All of the subscriber information is stored within a database that is protected with a secure username and password.

2. The database is not directly accessible online and user information is entered through a web interface.

3. All website access is logged through IP addresses.

A. Sensei will only collect personal information for the purposes for which it is to be used to eliminate misuse and abuse of personal information.

B. Sensei ensures data is relevant for its intended use, accurate, complete, and current.

A. Sensei will allow individuals access to personal information about them that Sensei holds so that the individual can correct, amend, or delete that information where it is inaccurate, except as laid out below.

B. Client requests to access personal information

1. By submitting a request, written, oral and/or e-mail, a client can have access to their data at any point during an investigation.

2. If the client wants to access their data, they need to come onsite to our office location. Clients are not allowed to remotely access their data due to security concerns.

3. If the matter has been resolved and the client requests their data returned to them, then Sensei would arrange a time to have the client pick up their data and/or ship the data back to them using a shipping method that includes tracking.

4. The client owns the data at all times and at no point does Sensei own the client’s data.

5. Sensei will reply to all requests within a timely manner to arrange a mutually agreeable time to have the client's data accessible.

C. Sensei retains the right to refuse access in the following cases as laid out in U.S. Safe Harbor FAQ 8:

1. where disclosure is likely to interfere with the safeguarding of important countervailing public interests, such as national security; defense; or public security;

2. where personal information is processed solely for research or statistical purposes;

3. interference with execution or enforcement of the law, including the prevention, investigation or detection of offenses or the right to a fair trial;

4. interference with private causes of action, including the prevention, investigation or detection of legal claims or the right to a fair trial;

5. disclosure of personal information pertaining to other individual(s) where such references cannot be redacted;

6. breaching a legal or other professional privilege or obligation;

7. breaching the necessary confidentiality of future or ongoing negotiations, such as those involving the acquisition of publicly quoted companies;

8. prejudicing employee security investigations or grievance proceedings;

9. prejudicing the confidentiality that may be necessary for limited periods in connection with employee succession planning and corporate reorganizations;

10. prejudicing the confidentiality that may be necessary in connection with monitoring, inspection or regulatory functions connected with sound economic or financial management; or

11. other circumstances in which the burden or cost of providing access would be disproportionate or the legitimate rights or interests of others would be violated.

D. Sensei retains the right to refuse access if the request cannot be verified, if the requests are harassing or repetitious, and retains the right to charge a reasonable fee to prevent such repetitious requests or where the cost of production would be unduly burdensome.

E. Sensei will make a good faith effort to respond to the access requests within a reasonable time period and without excessive delay.

A. Sensei provides mechanisms for enforcement to ensure compliance with the foregoing principles.

B. Sensei has readily available and affordable independent resource mechanisms by which each individual’s complaints and disputes are investigated and resolved by reference to the Principles.

1. Any dispute may be arbitrated according to the current principles of the American Arbitration Association.

C. Sensei has follow up procedures to verify its privacy practices and ensure it has implemented them as presented.

1. Sensei has in place procedures to ensure all employees abide by its privacy practices.

2. Once a year, Sensei verifies its compliance with the Principles by submitting a letter annually to the U.S. Safe Harbor office.

D. Any questions or concerns with regard to Sensei’s privacy policy can be directed to:

1. The main office number at (703) 359-0700

2. and/or e-mail at sensei@senseient.com.