PRIVACY POLICY

Last Updated August 25, 2025

SKEMA, INC. ("Company", "Skema", or "We") respect your privacy and are committed to protecting it through our compliance with this policy.

This policy describes the types of information we may collect from you or that you may provide when you visit the website at skema.ai (our "Website") and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This policy applies to information we collect:

  • On this Website.

  • In email, text, and other electronic messages between you and this Website.

  • Through mobile and desktop applications you download from this Website, which provide dedicated non-browser-based interaction between you and this Website.

  • When you interact with our advertising and applications on third-party websites and services, if those applications or advertising include links to this policy.

It does not apply to information collected by:

  • Us offline or through any other means, including on any other website operated by Company or any third party; or

  • Any third party, including through any application or content (including advertising) that may link to or be accessible from or on the Website.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Website. By accessing or using this Website, you agree to this privacy policy. This policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of this Website after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

Information We Collect About You and How We Collect It

We collect several types of information from and about users of our Website, including information:

  • By which you may be personally identified, such as name, e-mail address, or any other identifier by which you may be contacted online or offline ("Personal Information");

  • That is about you but individually does not identify you; and

  • About your internet connection, the equipment you use to access our Website, and usage details.

We collect this information:

  • Directly from you when you provide it to us.

  • From third parties, for example, our business partners.

Categories of Personal Data

We may collect the following categories of personal data: (i) Contact Information (e.g., name, email address), (ii) Usage Data (e.g., IP address, browsing behavior, log data), (iii) Communication Data (e.g., support requests, survey responses), (iv) Technical Data (e.g., device identifiers, browser type, operating system), and (v) Other Information you voluntarily provide.

Categories of Data Subjects

Personal data concerns the following categories of data subjects: (i) Website visitors and users, (ii) Prospective customers, (iii) Customers and their employees/authorized users, and (iv) Individuals who submit feedback or support requests.

Information You Provide to Us

The information we collect on or through our Website may include:

  • Records and copies of your correspondence (including email addresses), if you contact us.

  • Your responses to surveys that we might ask you to complete for research purposes.

You also may provide information to be transmitted to other users of the Website or third parties (collectively, "User Contributions"). Any User Contributions you make are shared at your own risk. Please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Website with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.

How We Use Your Information

We use Personal Information in ways described below as required to provide our services to you and other Website users, certain legitimate interests, and as necessary to comply with applicable law. Generally, we do not depend on your consent to process your Personal Information when another lawful basis is available. If we require your consent in the future, we will clearly communicate it to you then.

We use information that we collect about you or that you provide to us, including Personal Information:

  • To present our Website and its contents to you.

  • To provide you with information, products, or services that you request from us.

  • To fulfill any other purpose for which you provide it.

  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.

  • To notify you about changes to our Website or any products or services we offer or provide through it.

  • To allow you to participate in interactive features on our Website.

  • In any other way we may describe when you provide the information.

  • For any other purpose, with your consent, goods and services that may be of interest to you. If you do not want us to use your information in this way, please contact us at info@skema.ai. For more information, see "Choices About How We Use and Disclose Your Information."

Other Purposes of Processing (GDPR)

  • To provide and maintain the Website and Services.

  • To manage user accounts and authentication.

  • For marketing and communications (with opt out).

  • For analytics and improving user experience.

  • For customer support and surveying.

  • For security, compliance, and fraud prevention.

Legal Basis for Processing (for EEA/UK users)

  • Performance of contract (e.g., user account management).

  • Legitimate interest (e.g., service improvement, fraud detection), provided such interest doesn’t override data subject rights.

  • Legal obligation (e.g., to retain records for auditing).

  • Consent (e.g., to receive marketing or use non-essential cookies).

Data Sharing and Subprocessors

We may share Personal Data with carefully selected third parties for the purposes described in this Privacy Policy, including:

  1. Service providers and subprocessors that support our Services (e.g., cloud hosting, customer support, analytics);

  2. Affiliates and professional advisors as necessary for business operations;

  3. Legal and regulatory authorities when required to comply with applicable law or enforce our rights.

A current list of our subprocessors, the nature of their services, and their location is maintained at https://www.skema.ai/subprocessors. Each subprocessor is bound by contractual obligations that provide data protection standards equivalent to those required under the GDPR.

Marketing

Skema may inform users on its products and services via marketing emails unless they have opted out of such marketing materials. Other promotional materials will be sent by email with only your consent given simultaneously with your Personal Information. At any time, users can opt out by following the email’s instructions to unsubscribe.

Disclosure of Your Information

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.

We may disclose Personal Information that we collect or you provide as described in this privacy policy:

  • To our subsidiaries and affiliates.

  • To contractors, service providers, and other third parties we use to support our business.

  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Skema's assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by Skema about our Website users is among the assets transferred.

  • To fulfill the purpose for which you provide it.

  • For any other purpose disclosed by us when you provide the information.

  • With your consent.

We may also disclose your Personal Information:

  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request.

  • To enforce or apply our terms of use at skema.ai and other agreements, including for billing and collection purposes.

  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Skema, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Choices About How We Use and Disclose Your Information

We strive to provide you with choices regarding the Personal Information you provide to us. We have created mechanisms to provide you with the following control over your information:

  • Tracking Technologies and Advertising. We use browser cookies to manage the Website, collect and analyze Website statistics, secure our systems, protect against spam, and marketing use. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.

Accessing and Correcting Your Information

You may also send us an email at info@skema.ai to request access to, correct or delete any Personal Information that you have provided to us. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

If you delete your User Contributions from the Website, copies of your User Contributions may remain viewable in cached and archived pages, or might have been copied or stored by other Website users. Proper access and use of information provided on the Website, including User Contributions, is governed by our terms of use, located at skema.ai.

California residents may have additional Personal Information rights and choices. Please see Your California Privacy Rights for more information.

User Rights

Users subject to European data privacy laws may have data subject rights connected to their Personal Information we obtain. These rights may be subject to conditions and constraints.

EEA users may exercise their rights and contact Skema at info@skema.ai. EEA users can learn more by visiting https://gdpr-info.eu/.

Data Retention Policy

We retain personal data only as long as necessary to fulfill the purposes listed above, or as required by law. For example, account and transactional data may be retained for 3 years, while analytics and log data may be held for 12 months, subject to regular deletion.

Your California Privacy Rights

If you are a California resident, California law may provide you with additional rights regarding our use of your Personal Information. To learn more about your California privacy rights, visit https://oag.ca.gov/privacy/ccpa.

California's "Shine the Light" law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to info@skema.ai.

International Data Transfers

Notice for citizens of the European Economic Area (“EEA”) per the General Data Protection Regulation (“GDPR”)

Skema is based in the United States with international affiliates. We will keep the data we collect through the Website on servers in the United States, the European Union, and countries outside the EEA. Our affiliates and service providers will also keep the data for reasons described above. The information may also be transferred to our affiliates and service providers to facilitate our business activities and allow you to access the Website.

These countries may offer fewer legal protections for your Personal Information than the EEA. If your Personal Information is transferred to countries outside the EEA, Skema will take requisite action to sufficiently protect your information.

Where personal data is transferred outside the EEA, we rely on: (i) adequacy decisions, (ii) Standard Contractual Clauses, or (iii) other safeguards in compliance with GDPR. You can contact us for more details.

Privacy of Children

The Website is not intended for children under eighteen (18) years of age. In compliance with Article 9 of the GDPR, Skema does not knowingly contact or collect personal information from children below eighteen (18) years of age, nor data related to race or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. Please contact us at info@skema.ai if you believe Skema has unknowingly collected such information so that Skema can immediately obtain special consent or destroy said information.

Data Security

We have implemented measures designed to secure your Personal Information from accidental loss and from unauthorized access, use, alteration, and disclosure. More specifically, we implement the following security measures: (i) Encryption in transit (TLS) and at rest (AES 256 or equivalent), (ii) Role based access controls, multi factor authentication, (iii) Regular vulnerability scans and penetration testing, (iv) Incident response plan and backups for disaster recovery, (v) Employee training and confidentiality obligations. All information you provide to us is stored on our secure servers behind firewalls.

The safety and security of your information also depends on you. We urge you to be careful about giving out information in public areas of the Website like message boards. The information you share in public areas may be viewed by any user of the Website.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Information, we cannot guarantee the security of your Personal Information transmitted to our Website. Any transmission of Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website. In accordance with the GDPR, if such a circumvention occurs and affects, or is reasonably believed to have affected, your Personal Information, we will notify you within seventy-two (72) hours. Such notification will meet the requirements of O.C.G.A § 10-1-912 by being as expedient as possible and without unreasonable delay, consistent with legitimate needs of law enforcement or any measures necessary to determine the scope of the breach and restore the integrity of the data system.

Changes to Our Privacy Policy

It is our policy to post any changes we make to our privacy policy on this page. If we make material changes to how we treat our users' Personal Information, we will notify you through a notice on the Website home page. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Website and this privacy policy to check for any changes.

Contact Information

To ask questions or comment about this privacy policy and our privacy practices, contact us at:

  • Mailing: Skema Inc., 107 Technology Parkway, Suite 594, Peachtree Corners, GA 30092

  • Email: info@skema.ai