NCS Pearson, Inc. respects your privacy and has adopted this Privacy and Cookies Policy for the CompTIA Store located at https://store.comptia.org ("CompTIA Store") in coordination with CompTIA, Inc. (hereinafter "Privacy Policy"). This Privacy Policy is global in nature and describes our data protection practices and the types of information that you provide to us on this website; information we may collect automatically in the operation of our website, web pages, and emails that link to this Privacy Policy (collectively this "Site(s)"); users of our products and services; individuals purchasing study aides, books, e-books, tests, practice tests, vouchers and our other products and services available in the CompTIA Store. This Privacy Policy does not apply to any other websites or services hosted or provided by NCS Pearson, Inc.

In addition, this Privacy Policy describes your rights and responsibilities, our rights and responsibilities, how we use the information we collect or receive; with whom we share the information with; the measures we take to protect the security of Personal Data from loss, misuse and unauthorized access, the choices you can make about providing your Personal Data to us as it relates to your certification, credentialing, licensure, regulatory, and academic admission testing experience; and how you can contact us. All references to ‘our’, ‘us’, or ‘we’, in this Privacy Policy and within the opt-in notice are deemed to refer to the CompTIA Store.

The rights and responsibilities described in our Privacy Policy do not cover third party websites that may be linked to our Site(s) or referred to on this Site(s). These third party websites have their own privacy policies and we encourage you to read and review them.

For purposes of this Privacy Policy, "Personal Data" is any information that can be used to identify you or that when added with other Personal Data can be linked to you and includes, but is not limited to: personal contact detail (name, street address, email address, phone number, fax number, credit/debit card information, company and title).

This Privacy Policy describes:

• YOUR RIGHTS AND RESPONSIBILITIES
• OUR RIGHTS AND RESPONSIBILITIES
• COMPLIANCE WITH THE EU-U.S. AND SWISS-U.S. PRIVACY SHIELD FRAMEWORKS
• E-COMMERCE
• THIRD PARTY WEBSITES AND SOCIAL MEDIA
• INFORMATION RECEIVED FROM INTERNET SERVICE PROVIDERS THROUGH THIS SITE
• DISCLOSURE AND TRANSFER OF INFORMATION
• INFORMATION FROM CHILDREN
• AGGREGATION OF NON-PERSON-SPECIFIC DATA
• EMAIL NEWSLETTERS
• PROTECTION OF CREDIT CARD INFORMATION
• RESOLUTION OF CONCERNS
• COOKIES AND WEB BEACONS
• UPDATES TO THIS PRIVACY POLICY
• HOW TO CONTACT US

YOUR RIGHTS & RESPONSIBILITIES You agree that by visiting and/or providing, transmitting, or having another party you have authorized provide or transmit your Personal Data to us on any of our Sites, you are accepting the practices described in this Privacy Policy and any updates made to this Privacy Policy. It is your responsibility to read this Privacy Policy and check for updates on a regular basis. By continuing to use our Site, products or services after such updates have been made you are agreeing to be bound by any changes to this Privacy Policy.

You are never required to provide us with your Personal Data. If you do not agree to this Privacy Policy, please do not provide, transmit or allow anyone else to provide or transmit your Personal Data to us; however, if you decide to not provide to us your Personal Data it may affect our ability to to provide to you other products or services offered.

You agree that we may collect or receive, use, process, disclose, transfer and retain your Personal Data as described herein. This Privacy Policy governs your use of any and all of our Sites and in purchasing our products and services in general. We will use your Personal Data only for the purposes set forth herein.

As the subject of the Personal Data collected, you have rights related to the Personal Data that we hold about you.

At any time you have the right to:

• Request access to the information we hold, use, or disclose about you.
• Ask us to correct or how to correct any inaccurate or incomplete information we have about you or request us to make the corrections.
• Request us to delete your information from our records, subject to the approval of your test sponsor.
• Withdraw consents you have given, where our collection and use is based upon your consent.
• Ask us to send a copy of your Personal Data to a third party in a data portable format, subject to the approval of your test sponsor.
• Opt-out of the sale of your Personal Data.

You may request access, correction, or deletion of Personal Data you have submitted by logging into your account or calling our toll-free number at 1-877-460-2204.

Upon receiving your request, we may need additional information from you to verify your identity and to better understand what it is you are requesting. In this case, we may ask you to provide additional information, including information you have previously disclosed to us, to confirm your identity. If you wish to designate an authorized agent under any applicable law, please contact us by any means listed above and we will coordinate that designation. We will respond to access requests within a reasonable amount of time in accordance with state and national laws and requirements. We recognize that you may have a right to not receive discriminatory treatment by exercising any of the rights listed above. We will not charge a fee to respond to a request, unless it is excessive, repetitive or unfounded. If a fee will apply, we will advise the requester before completing the request, explain why a fee applies and provide an estimate of the fee.

Additionally, if you have questions or requests regarding the above, please contact us as outlined in the HOW TO CONTACT US section below.

OUR RIGHTS & RESPONSIBILITIES

We will provide you access to these Rights and Responsibilities and any subsequent updates.

We encourage you to periodically review this Privacy Policy to learn more about our information practices as they change over time. We reserve the right to update this Privacy Policy periodically, without notice. A change in the effective date will indicate that the Privacy Policy has been updated. Any changes to our Privacy Policy will become effective upon posting of the revised Privacy Policy on our Site(s). Your use of our Site(s), and any of our products and services following such changes constitutes your acceptance of the revised Privacy Policy then in effect.

We rely on the following legal grounds to process your Personal Data:

• Performance of a contract. We may need to collect and process your Personal Data as necessary to perform services subject to a contractual agreement with you. Examples of our legal grounds to process your Personal Data as being necessary for the performance of a contract include, but are not limited towhen you make an online purchase in order for the purpose of allowing us to deliver the purchased product.
• Consent. Where we ask you for your consent, we will collect and use your Personal Data only to the extent you have consented.
• Legitimate interests. We may use your Personal Data for our legitimate interests for the purposes of improving our products and services and improving the content of our Site(s).

The CompTIA Store and its subcontractors will at all times protect your Personal Data with operational, administrative, technical, and physical security safeguards.

We do not disclose your Personal Data to third parties unless otherwise stated herein. We do not monetize Personal Information. We do not sell, and have not sold, within the last twelve (12) months, any Personal Information collected through the Services, except to the extent that third party targeted advertising cookies and related technologies are ultimately determined to be a "sale" for purposes of the California Consumer Privacy Act. The following categories of personal information may have been collected and shared through such cookies and related technologies during the past 12 months within the digital advertising ecosystem: Identifiers (limited to a numeric identifier, such as an IP address) Commercial Information, Internet or Similar Network Activity, Geolocation Data and Inferences draw from other Personal Information.

COMPLIANCE WITH THE EU-U.S. AND SWISS-U.S. PRIVACY SHIELD FRAMEWORKS

EU-U.S. and Swiss-U.S. Privacy Shield Frameworks
Consistent with our commitment to protect Personal Data worldwide we are dedicated to providing privacy protection as defined by the European community and Swiss laws for the handling of Personal Data received from individuals in the European Union member states (including Iceland, Liechtenstein and Norway) (collectively the "EU member states" or the "EU") and Switzerland. The CompTIA Store complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework principles as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data transferred from the EU member states and Switzerland to the United States. The CompTIA Store has certified to the Department of Commerce that we adhere to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability (the "Privacy Shield Principles"). To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov.

The CompTIA Store is responsible for the processing of Personal Data it receives, under each Privacy Shield Framework, and subsequently transfers to other companies and individuals to perform functions or services on our behalf.

We comply with the Privacy Shield Principles for all onward transfers of Personal data from the EU member states and Switzerland.

The CompTIA Store has further committed to cooperate with the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU or Switzerland. Click on Resolution of Concerns for more detailed information.

Additionally, the CompTIA Store is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. As further explained on the Privacy Shield website at https://www.privacyshield.gov, as a last resort and in limited situations, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

DATA CATEGORIES

Depending on the Services, we may collect and/or disclose to third parties the following categories of data in order to manage day to day business needs including, but not limited to, providing you with our services, performing services on behalf of a business, payment processing and financial account management, business planning and forecasting, system improvements, security and fraud prevention, and compliance with legal and regulatory obligations:
(A) Identifiers such as a real name, address, unique personal identifiers, or email address (B) Customer records such as signature (C) Commercial information, such as products or services purchased, obtained, or considered (D) Internet or other electronic network activity information such as information regarding a consumer’s interaction with an Internet Web site, application, or advertisement (E) Geolocation data (F) Professional or employment-related information (G) Education information (H) Inferences about preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes

E-COMMERCE

Description of E-commerce Services
The CompTIA Store’s e-commerce Sites provide you with the opportunity to purchase certification, credentialing, licensure, and academic admission test related products and services.

Personal Data Collected for Ecommerce Services
We clearly identify what information must be provided by you in order for us to deliver the various products, services, and information that you may have requested. Depending on your choices, we will require different types of information for these various products, services, and information. You may also choose to provide additional or optional information to enhance the services we may provide to you. The Personal Data that we may collect includes:

• Contact and shipping information, as well as purchase history, and payment information.
• Information regarding your use of the Site (i.e., pages visited, files downloaded).
• In the event you wish to ‘email a friend’ telling them about the products available on our e-commerce Sites, you will be given the opportunity to enter the friend’s email address, include your personal message, hit send and your message is on its way. We will not store the ‘email a friend’s’ address and we will not send any email messages to them beyond the ‘email a friend message’ you sent from our Site. No ‘email a friend’ email addresses will be sold or used for promotional purposes.

How We Use the Personal Data We Collect
We use the Personal Data you provide to the CompTIA Store to provide services and information you request, to process transactions, fulfill product delivery and for legitimate purposes in operating our business. Additionally, we use information collected about your use of our site for legitimate business interests to understand the habits of our Site users and to improve the products, services, and content we offer.

THIRD PARTY WEBSITES AND SOCIAL MEDIA

We may also collect information via third party websites such as Google, or via social media such as Twitter and Facebook. This information may include your name, address, username, email address, website visited, content posted, IP address, nationality, language, and other publicly available demographics. This information is used to improve the products and services that we offer, to identify and resolve customer service issues, and to provide the information and services you request.

INFORMATION RECEIVED FROM INTERNET SERVICE PROVIDERS THROUGH THIS SITE

This Site receives information that is automatically generated by a user’s Internet service provider (ISP), browser or mobile device. This information may include the IP address, the associated URLs, domain names, the browser type, the approximate location of the ISP’s servers, the pages of our Site that the user views, and any search terms entered on this Site. This information may be collected for system administration purposes, to gather broad demographic information and to monitor the level of activity on the Site. We reserve the right to link this information to your Personal Data in order to protect the integrity of our system and for security purposes.

DISCLOSURE AND TRANSFER OF INFORMATION

We will comply with the privacy and data collection laws of the jurisdiction of the individual from whom the information is being collected. Personal Data and information of test candidates located outside of the United States will be transferred to the CompTIA Store and our third party partners in the United States and elsewhere in the world only to facilitate the purpose for which it was collected. Our computer operations are currently based in the United States. The Internet is a global environment. By using this Site and sending information and Personal Data to us electronically, you consent to trans-border and international transmission of any data that you may choose to supply us to any country in the world, including countries without an adequate level of data protection. Information and Personal Data transmissions to this Site and emails sent to us may not be secure. Given the inherent operation and nature of the Internet, all Internet transmissions are done at the user’s own risk.

Transfer of Information to CompTIA, Inc.
By purchasing services or products from the CompTIA Store you agree to allow your Personal Data to be transmitted by us to CompTIA, Inc. For more information about how CompTIA, Inc may collect and use your Personal Data we encourage you to review CompTIA, Inc.’s privacy policy.

Other Disclosure and Transfer of Information
We may disclose Personal Data in the following situations: (a) in response to a subpoena, court order or legal process, to the extent permitted and required by law; (b) to protect your security, or the security of other persons, consistent with applicable law; (c) to address actual or suspected fraud or other illegal activities; (d) in connection with a sale, joint venture or other transfer of some or all of the assets of NCS Pearson, Inc.; (e) where you explicitly agree to allow the CompTIA Store to disclose your Personal Data to select third parties; and (f) to our subcontractors and/or agents (such as, those third parties hosting one or more of our website’s; processing credit card transactions and payments; fulfilling and processing orders; assisting us with marketing and promotions; collecting web analytics data, etc.) for the purpose of enabling them to perform services on our behalf.

The CompTIA Store will have agreements in place with its third party subcontractors and/or agents prior to the transfer of any Personal Data requiring that such subcontractors and/or agents (i) only use the Personal Data for purposes identified by the CompTIA Store; (ii) protect the Personal Data in a manner that is consistent with this Privacy Policy and the Principles as set forth in EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework; and (iii) notify the CompTIA Store if such subcontractor and/or agent makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the Principles. In cases of onward transfers the CompTIA Store complies with the Privacy Shield Principles for onward transfers of Personal Data from the EU, EEA and Switzerland, including the onward transfer liability provisions.

By providing your personal information to us, or in cases when we receive your Personal Data from another person acting upon your direction and on your behalf, you agree that your Personal Data can be transmitted in the situations outlined above.

In certain situations, we may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

We do not provide your Personal Data to any third parties who are not connected with the services we provide or relate to such products or services unless you agree. Except as disclosed in this Privacy Policy, we will not provide your Personal Data to third parties.

INFORMATION FROM CHILDREN

We recognize the importance of protecting privacy where children are involved. We are committed to protecting children's privacy and we comply fully with the Children's Online Privacy Protection Act (COPPA) and similar laws and regulations. We do not knowingly collect Personal Data from children under the age of 13. If a child under the age of 13 has provided us with Personal Data, without a signed parental consent form, we ask that a parent or guardian contact us at PearsonVUEContracts@pearson.com or you may call us at 1 (952) 681-3918. If you are under 18, please be sure to read this Privacy Policy with your parent(s) or legal guardian(s) and ask questions about things you do not understand.

EMAIL NEWSLETTERS

We may use your email address to send you email newsletters about certification, credentialing, licensure, or academic admission testing. You may opt out of receiving the newsletter at any time by notifying us by email at PVMarketing@pearson.com or following the opt-out instructions provided in the email newsletter.

PROTECTION OF CREDIT CARD INFORMATION

Individuals who make online purchases will be asked to provide credit/debit card information, which may include payment instrument number (e.g., credit card), name and billing address, the security code associated with the credit/debit card information, organizational tax ID, and other financial data ("Payment Data"). We use Payment Data to complete transactions, as well as to detect and prevent fraud. We will retain your Payment Data for as long as reasonably necessary to complete the transaction, to comply with our legal and reporting requirements, and to detect and prevent credit/debit card fraud. We provide a secured transmission method for the electronic transmission of credit/debit card information.

RESOLUTION OF CONCERNS The CompTIA Store commits to resolve complaints about your privacy and our collection, use, transfer, or processing of your Personal Data. Individuals with inquires or concerns regarding this Privacy Policy should first contact the CompTIA Store at PearsonVUEContracts@pearson.com or you may call us at +1 (952) 681-3918. The CompTIA Store endeavors to respond to your inquiry within 30 days. If you believe you have not received a timely acknowledgement of your inquiry or concern, or if you believe your inquiry or concern was not satisfactorily addressed by the CompTIA Store you should contact (at no charge) your state or national data protection authority. A list of National Data Protection Authorities can be found by clicking on National Data Protection Authorities. The CompTIA Store has committed to cooperate with the Data Protection Authorities and will comply with the information and advice provided to it by the panel of DPAs in relation to such unresolved complaints.

As further explained on the Privacy Shield website at https://www.privacyshield.gov, as a last resort and in limited situations, you may invoke binding arbitration when other dispute resolution processes have been exhausted.

COOKIES AND WEB BEACONS

We use browser cookies and similar technologies (collectively, "Cookies") to collect and store certain information when you use, access, or interact with our Site(s). We may, for example, collect information about the type of device you use to access the Site(s), the operating system and version, your IP address, your general geographic location as indicated by your IP address, your browser type, the content you view and features you access on the Site(s), the web pages you view immediately before and after you access the Sites(s), whether and how you interact with content available on the Site(s), and the search terms you enter on the Site(s). For information about how we use Cookies and the choices you may have, please see below. By using our Site(s), you agree to the our use of the cookies as described above and to our use of web beacons for the collection of information in order to provide the products or services you have requested and for improvements, as we deem appropriate for our legitimate purposes, related to our products and services.

Cookies. Cookies are small text files that a web server places on your computer or mobile device. Cookies contain information that can later be read by the web server that originally placed the cookie on your computer or mobile device. Below is a list of the main types of cookies we use and what we use them for:

• Strictly Necessary Cookies: These cookies are essential in order to enable you to move around the Site and use its features, such as accessing secure areas of this Site. Without these cookies services you have asked for, like shopping baskets or e-billing, cannot be provided.
• Performance Cookies: These cookies collect information about how visitors use a website, for instance which pages visitors go to most often, and if they get error messages from web pages. Some of the performance cookies are analytics cookies using third party web analytics software, which allow us to understand more about how our Site is used. Performance cookies are not used to collect information that identifies a visitor. All information these performance cookies collect is aggregated and therefore anonymous. The aggregated data is only used by us to improve how our Site works. We might also use performance cookies to highlight our products or services which we think will be of interest to you based on your use of our Site. By using this Site you agree we may place these types of cookies on your device.
• Functionality Cookies: These cookies allow the Site to remember choices you make (such as your user name, language or the region you are located in) and provide enhanced, more personal features. For instance, these cookies can be used to remember changes you have made to text size, fonts and other parts of web pages that you can customize. They may also be used to provide services you have asked for such as watching a video or commenting on a blog. The information these cookies is not used to track your browsing activity on other websites. These cookies are known as "functionality cookies" and help to improve a user’s experience of a website by providing a more personalized service. By using this Site you agree we may place these types of cookies on your device.
• Targeting or advertising cookies: These cookies are used to deliver advertising materials relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website and this information is shared with other organizations such as advertisers. Quite often targeting or advertising cookies will be linked to site functionality provided by the other organization. Most of our Sites do not use targeting cookies. By using this Site you agree we may place these types of cookies on your device.
• 3rd Party Cookies and Social Networks. If you click on a hyperlink from this Site to any third party websites (for example, if you 'share' content from our Site with friends or colleagues through social networks (such as Facebook or Twitter) or use third party services together with this Site, you may be acquire cookies from these third party websites. Third party websites will have their own privacy and cookie policies which we do not and cannot control. Please check the third-party websites for more information about their cookies and how to manage them. You should always review these third-party websites privacy policies.

How to manage cookies
If you block cookies or cookies are not enabled on your computer, it will mean that your browsing or shopping experience on our websites will be limited. Some active content, movies and online shopping baskets, for example, may not work correctly. To turn cookies on or off for all of our websites via your web browser, you can follow the instructions provided by the UK Information Commission Office at https://ico.org.uk/for-the-public/online/cookies/.

Web Beacons. Web Beacons are small strings of code that provide a method for delivering a graphic image on a web page for the purpose of transferring data. For example, when you visit a page on this Site, the code for the page being visited may be transferred to us. The information transmitted to us is only used internally by us and is not shared with any third parties, except as provided in this Privacy Policy. We use this information for the following purposes:

• To allow us to better understand the traffic patterns within our websites and, subsequently, to adjust our content to better respond to our visitors interests; and
• To use the information we obtain to suggest materials and resources that may be of interest to you based on your use of our Site.

Do Not Track Signals.This Site does not respond to web browser "do not track" signals or comparable signals or mechanisms.

UPDATES TO THIS PRIVACY POLICY

We reserve the right to update the terms of this Privacy Policy from time to time. We encourage you to visit and review this Privacy Policy periodically to ensure you agree with any changes or updates. We will post our revised privacy notice on our website and update the ‘Revision Date’ to reflect the date of the changes.

By continuing to use our website after we post any such changes or updates you accept the privacy notice as modified.

HOW TO CONTACT US

• If you have any questions or concerns about this Privacy Policy or have a request regarding your rights as a data subject, you may email the CompTIA Store’s privacy representative at PearsonVUEContracts@pearson.com. You may also contact us at 1-877-460-2204.

Revision Date: December 30, 2019