Privacy Policy

Layer IQ Technologies, Inc.

Effective Date: March 9, 2026

Layer IQ Technologies, Inc. ("Layer IQ," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and otherwise process personal information in connection with our infrastructure intelligence SaaS platform (the "Service"), available at layer-iq.com, and our related products and services.

Who we are

Layer IQ is a Delaware corporation headquartered in Florida. We provide an infrastructure intelligence platform that helps customers track, analyze, and optimize IT assets and environmental credentials. Our Service is used by IT Asset Disposition (ITAD) providers, enterprise customers, carbon brokers, and other organizations.

Scope of this policy

This policy applies to:

• Personal information we collect from users accessing the Service
• Personal information we process on behalf of our customers (as a Data Processor)
• Personal information we process for our own business purposes (as a Data Controller)
• Personal information processed through our ITEC (IT Environmental Certificate) program

This policy does not apply to information practices of third parties, even if we link to their services. Please review their privacy policies separately.

We collect personal information in several ways:

2.1 Account information

To create and maintain your Layer IQ account, we collect:

• First name
• Last name
• Email address
• Password (encrypted and never stored in plain text)
• Company or organization name
• Job title or role
• Phone number (optional)

2.2 Payment information

When you purchase a subscription or pay for ITEC fees, we collect:

• Billing name and address
• Email address
• Payment method details (processed through our third-party payment processor)

Important: Layer IQ does not directly store full credit card numbers. Payment processing is handled by PCI-compliant third-party processors who maintain and secure payment card information on our behalf.

2.3 Certificate program data

If you participate in our Certificate Program, we collect:

• Asset data you submit (hardware specifications, age, condition, location, environmental data)
• Verification data provided by Bloom ESG and auditors
• Environmental and carbon intensity information
• ITAD facility information and certifications
• Compliance and audit documentation

2.4 Platform usage data

As you use the Service, we collect:

• Queries and searches you perform
• Features and tools you use
• Reports and analyses you generate or request
• Configuration and preference settings
• Interactions with the marketplace (if applicable)
• Customer support communications and feedback

2.5 Automatically collected data

When you access the Service, we automatically collect:

• Internet Protocol (IP) address
• Browser type and version
• Operating system
• Device type and device identifiers
• Pages visited and time spent
• Referring website URLs
• Approximate geographic location (based on IP)
• Cookies and similar tracking technologies (see Section 8)

2.6 Third-party data

We integrate data from third-party providers to enhance our Service. This includes data from:

• Tracenable — company data on carbon reporting for IT assets
• Rejoose — Life Cycle Assessment (LCA) carbon intelligence data for IT assets
• Publicly available and publicly scraped data sources
• Additional third-party data providers as listed at layer-iq.com/legal/third-party-notices

All third-party data is combined with our own data and processed according to applicable agreements with those providers.

2.7 Communication data

If you contact us for support, feedback, or general inquiries, we collect:

• Email address
• Name
• Message content
• Any attachments you provide
• Communication metadata (date, time)

We use the information we collect for the following purposes:

3.1 Provide and operate the Service

• Creating and maintaining your account
• Delivering Service features and functionality
• Processing requests, orders, and transactions
• Providing customer support and responding to inquiries
• Troubleshooting and technical support
• Sending transactional emails (order confirmations, password resets, etc.)

3.2 Certificate program operations

• Processing Certificate submissions from ITAD partners
• Calculating carbon intensity and environmental credentials
• Coordinating verification with Bloom ESG
• Maintaining ITEC registry and audit trails
• Ensuring compliance with environmental standards

3.3 Create aggregated and anonymized derived products

Layer IQ aggregates and anonymizes user data to create derived data products, including: predictive pricing models for IT assets; market benchmarking reports; industry trend analysis; environmental impact assessments; anonymized usage patterns and insights.

These products contain no personally identifiable information and no individual customer data is identifiable. We retain and use these anonymized products indefinitely for business purposes, product development, and customer insights.

3.4 Improve the Service

• Analyzing usage patterns and user behavior
• Enhancing features, functionality, and user experience
• Conducting research and analytics
• Identifying and addressing technical issues
• Developing new features and services

3.5 AI and machine learning processing

We use Anthropic Claude AI (in isolated mode) to:

• Detect anomalies in asset data
• Provide data analysis and recommendations
• Generate insights and reports
• Process natural language queries
• Assist with compliance and verification tasks

Important: Your data is NOT used to train shared or public AI models. Data processing occurs in isolated environments and does not contribute to training models used by other Layer IQ customers or the general public.

3.6 Communications and marketing

• Sending newsletters and product updates (with opt-out options)
• Announcing new features, services, or improvements
• Promotional communications about special offers or trials
• Surveys and feedback requests
• Service announcements and important notices

You may opt out of marketing communications at any time by clicking "unsubscribe" in emails or contacting us at support@layer-iq.com.

3.7 Security and fraud prevention

• Monitoring and investigating suspicious activity
• Preventing fraud, abuse, and unauthorized access
• Protecting against cyberattacks and data breaches
• Enforcing our Terms of Service
• Complying with legal obligations

3.8 Legal compliance

• Meeting legal and regulatory obligations
• Responding to lawful requests from government authorities
• Protecting our legal rights and interests
• Resolving disputes and enforcing agreements

Layer IQ's role with respect to your data depends on the context. Understanding this distinction is important for your privacy rights.

4.1 Layer IQ as Data Processor

When you submit data to Layer IQ as an ITAD or customer for your own business purposes (e.g., asset data for your own ITEC creation or analysis), Layer IQ acts as a Data Processor. In this capacity:

• We process data on your behalf and under your instructions
• You determine the purposes and means of processing
• You remain the Data Controller of that information
• Your privacy rights are exercised through your organization's privacy office or designated contact
• Our Data Processing Agreement, incorporated into the Terms of Service, governs this relationship

If you are a Processor's customer and have questions about data rights, please contact your organization's privacy officer.

4.2 Layer IQ as Data Controller

Layer IQ acts as a Data Controller for:

• Account administration and authentication
• Service operation and security
• Platform usage analytics
• Communications with you
• Marketing and product improvement
• ITEC creation and program administration (Layer IQ determines how ITEC data is used, retained, and shared with Bloom ESG and auditors)
• Creation of aggregated and anonymized derived products
• AI-powered features and analysis

In these contexts, your privacy rights are exercised directly with Layer IQ. Please contact privacy@layer-iq.com or support@layer-iq.com to exercise your rights.

We do not sell personal information. We share information only in the following circumstances:

5.1 Service providers

We share information with vendors and service providers who assist us in operating the Service, including:

• Cloud hosting providers (server and data storage)
• Payment processors (for billing and transactions)
• Analytics providers (Google Analytics, Mixpanel, or similar)
• Customer support and ticketing systems
• Email service providers
• Security and fraud prevention providers

These service providers are contractually obligated to use your information only to provide services to us and must maintain appropriate security.

5.2 Bloom ESG and auditors

For the ITEC program, we share relevant asset and verification data with:

• Bloom ESG — for ITEC verification and validation
• Auditors — for compliance verification and audit purposes

This data sharing is necessary for ITEC creation, issuance, and registry maintenance.

5.3 Third-party data providers

We may share aggregated usage statistics and anonymized insights with our third-party data partners (Tracenable, Rejoose, and others as listed in our Third Party Data Provider Terms) according to the terms of our agreements with those providers. This data is always aggregated and anonymized — individual users and customers are not identifiable.

5.4 Marketplace participants

If you use our marketplace features, information you choose to include in your listing or public profile may be visible to other marketplace participants (e.g., ITEC sellers and carbon brokers). You control what information is publicly visible.

5.5 Business transfers

If Layer IQ is involved in a merger, acquisition, bankruptcy, or asset sale, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your personal information.

5.6 Legal requirements

We may disclose information when required by law, such as in response to:

• Subpoenas or court orders
• Government investigations or regulatory inquiries
• Law enforcement requests
• Protection of public safety or our legal rights

5.7 With your consent

We may share your information with third parties when you provide explicit consent (e.g., when you authorize an integration with another service).

5.8 What we do NOT share

We never:

• Sell personal information to third parties
• Share identifiable customer data with other Layer IQ customers
• Disclose your account data or transaction history to other users
• Share your ITAD or enterprise data outside your organization without your consent

A core part of Layer IQ's business model is creating anonymized, aggregated insights from platform data. This section explains this practice in detail.

6.1 How we create derived products

Layer IQ aggregates data from multiple customers and sources, then anonymizes and analyzes it to create: market pricing benchmarks and forecasts; industry trend reports; environmental impact assessments; asset lifecycle analysis; comparative analytics.

6.2 No individual identification

These products are engineered to ensure:

• No individual customer can be identified
• No single transaction, asset, or ITAD can be reverse-engineered
• Aggregation includes sufficient data points to prevent re-identification
• Anonymization is irreversible

6.3 Use of derived products

We use aggregated products for:

• Improving the Service and AI features
• Developing new features and services
• Benchmarking and competitive analysis
• Marketing and business development
• Selling aggregated reports and insights to customers

6.4 Your ability to opt out

If you do not want your data included in future aggregated products, please contact privacy@layer-iq.com. Note: (a) this opt-out applies prospectively only — aggregated and anonymized data already created is not affected, as it cannot be attributed to any individual customer; (b) opting out may limit certain Service features that rely on aggregated benchmarking; and (c) this opt-out does not override the data usage license granted in the Terms of Service (Section 9.2), which governs the contractual scope of Layer IQ's data rights.

Layer IQ uses artificial intelligence to enhance the Service and provide better insights to users.

7.1 AI technology

We use Anthropic Claude AI in isolated mode to power features such as:

• Data anomaly detection
• Natural language queries and analysis
• Automated insights and recommendations
• Report generation
• Compliance analysis

7.2 Data use for AI

• Your data is processed by Claude in isolated environments
• Data is not used to train shared or public AI models
• Your data does not contribute to models used by other customers or the general public
• Processing is isolated to your queries and analysis requests
• Claude outputs are generated for your use only

7.3 Limitations and accuracy

• AI outputs are generated by machine learning and may contain errors or inaccuracies
• You should review AI-generated content for accuracy before relying on it
• Layer IQ does not guarantee the accuracy, completeness, or reliability of AI outputs
• Critical decisions should be verified by human review

7.4 AI processing agreement

For customers subject to GDPR or similar regulations, AI processing constitutes a specific category of data processing. A separate AI Addendum is available upon request that details the technical and organizational measures we employ.

Layer IQ and its service providers use cookies and similar tracking technologies to enhance the Service. For a complete description of the cookies we use and how to manage your preferences, please see our Cookie and Tracking Policy.

8.1 Types of cookies

Necessary cookies — Required for basic functionality

• Authentication and session management
• Security and fraud prevention
• User preferences and settings

Performance cookies — Measure how you use the Service

• Pages visited, features used, time spent
• Error tracking and debugging
• Performance monitoring

Preference cookies — Remember your choices

• Language and display preferences
• Feature preferences
• Saved configurations

Marketing cookies — Track engagement for marketing purposes

• Advertising analytics
• Email campaign tracking
• Retargeting across websites

8.2 Third-party tracking

We use:

• Google Analytics 4 (GA4) — for website traffic analytics, session tracking, and marketing measurement (marketing site; sets cookies)
• PostHog — for product analytics and feature engagement tracking (authenticated application; configured with memory-only persistence and does not set cookies or use browser storage)
• HubSpot — for marketing analytics, visitor identification, and lead scoring (marketing site; sets cookies)

GA4 and HubSpot may set their own cookies on the marketing site and require consent where applicable. PostHog operates without browser storage in the authenticated application. Refer to each provider's privacy policy for details.

8.3 Your choices

• Most browsers allow you to refuse cookies or alert you when cookies are set
• You can disable cookies in your browser settings
• Disabling necessary cookies may impair Service functionality
• You may opt out of marketing cookies and targeted advertising through your account settings or by contacting support@layer-iq.com
• You can opt out of Google Analytics tracking by installing the Google Analytics Opt-Out Browser Add-on

8.4 Do not track

Some browsers include a "Do Not Track" (DNT) feature. There is currently no universally accepted standard for how websites should respond to DNT signals. Accordingly, Layer IQ does not currently respond to or alter its practices upon receiving DNT signals. You can manage your tracking preferences through our cookie consent tool or your browser settings.

Layer IQ respects your privacy rights. The rights available to you depend on your location and whether Layer IQ is acting as a Controller or Processor.

9.1 If Layer IQ is your Data Controller

You have the right to:

• Access: Request what personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion/Erasure: Request deletion of your personal information (subject to legal obligations and exceptions)
• Objection: Object to processing of your data for certain purposes
• Portability: Request your data in a portable, machine-readable format
• Withdraw consent: Withdraw consent for processing based on consent (does not affect prior processing)
• Marketing opt-out: Opt out of marketing communications at any time
• Restrict processing: Request limitation or restriction of processing

9.2 If Layer IQ is your Data Processor

If you are a customer organization and Layer IQ processes your data on your behalf, your privacy rights are exercised through your organization's privacy office or designated data privacy contact. Please direct inquiries to your organization's privacy officer.

9.3 How to exercise your rights

Contact us:

• Email: privacy@layer-iq.com or support@layer-iq.com
• Mailing Address: Layer IQ Technologies, Inc., 132 W International Speedway Boulevard, #1189, Daytona Beach, FL 32114

Include in your request:

• Your name and account email
• Clear description of your request
• Any specific personal information you're referring to
• Proof of identity (if required for verification)

Response timeline: We will respond to requests within 30 days (or as required by applicable law). Complex requests may require additional time. We may ask for clarification or additional information to process your request.

9.4 No discrimination

We will not discriminate against you for exercising your privacy rights. You will not face retaliation, denial of service, or degraded service quality.

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) grant you specific rights. This section applies to you.

10.1 Categories of personal information collected

Over the past 12 months, we have collected the following categories:

10.2 Sources of information

We collect personal information from:

• You directly (account creation, transactions, communications)
• Automatic collection (cookies, IP logging, usage analytics)
• Third-party data providers (Tracenable, Rejoose, and others as listed in our Third Party Data Provider Terms)
• Service providers and partners

10.3 Business or commercial purposes

We use your personal information for:

• Providing the Service
• Processing transactions and billing
• Marketing and communications
• Service improvement and analytics
• Security and fraud prevention
• Legal compliance
• Creating aggregated, anonymized products

10.4 Right to know

You have the right to request what personal information we have collected about you, including: categories and specific pieces of personal information; sources of that information; our business purposes for collection; categories of third parties with whom we share it.

To submit a request: Contact privacy@layer-iq.com with the subject "CCPA Right to Know Request."

10.5 Right to delete

You have the right to request deletion of personal information we have collected, with exceptions for: completing transactions you requested; detecting fraud or security issues; complying with legal obligations; other lawful business purposes.

To submit a request: Contact privacy@layer-iq.com with the subject "CCPA Right to Delete Request."

10.6 Right to opt-out of sale or sharing

Layer IQ does not sell your personal information to third parties. We do not share your personal information in ways that constitute "sale" or "sharing" under CCPA/CPRA. Therefore, this right does not apply to our data practices.

If we begin selling or sharing personal information in the future, we will update this policy and provide you with an opt-out mechanism.

10.7 Right to correct

You have the right to request correction of inaccurate personal information. To submit a request: Contact privacy@layer-iq.com with the subject "CCPA Right to Correct Request."

10.8 Right to limit use and disclosure

You have the right to limit our use and disclosure of your personal information to purposes necessary to provide the Service or for other lawful purposes. To submit a request: Contact privacy@layer-iq.com with the subject "CCPA Right to Limit Request."

10.9 Non-discrimination

Layer IQ will not discriminate against you for exercising your CCPA/CPRA rights. We will not:

• Deny goods or services
• Charge different prices or rates
• Provide degraded service quality
• Deny discounts or benefits

10.10 Authorized agent

You may designate an authorized agent to submit requests on your behalf. The authorized agent must provide documentation of their authority and your identity verification may be required.

10.11 Response timeline

We will respond to requests within 45 days (or within the timeframe required by law). We may extend this period by 45 days for complex requests with notice.

If you are located in the European Union, the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) and UK GDPR apply. This section outlines your rights and our obligations.

11.1 Legal basis for processing

We process your personal information only when we have a lawful legal basis:

11.2 Your rights under GDPR

You have the following rights:

• Right of access: Request a copy of your personal information and details about how we process it
• Right of rectification: Request correction of inaccurate or incomplete data
• Right of erasure ("right to be forgotten"): Request deletion of your data, with exceptions for legal obligations and legitimate interests
• Right to restrict processing: Request that we limit processing while a dispute is resolved
• Right to data portability: Request your data in a structured, commonly-used, machine-readable format for transfer to another controller
• Right to object: Object to processing based on legitimate interest or marketing purposes
• Right not to be subject to automated decision-making: You have the right not to be subject to automated decisions that produce legal or similarly significant effects (with limited exceptions)
• Right to withdraw consent: If processing is based on consent, you may withdraw it at any time without affecting prior processing

11.3 Data subject rights requests

How to exercise your rights: Email privacy@layer-iq.com

Include in your request:

• Your full name and contact information
• Clear description of your request
• Any relevant details (account email, specific data, etc.)
• Proof of identity if we cannot verify you through account information

Response timeline: We will respond within 30 days. Complex requests may require additional time, with notice.

11.4 Data Processing Agreement

If you are a Data Controller (e.g., an enterprise customer using Layer IQ to process employee or customer data), a separate Data Processing Agreement (DPA) must be in place. This agreement details: processing purposes and scope; data security and safeguards; sub-processor management; data subject rights.

Our DPA is published at layer-iq.com/legal/dpa and is incorporated into the Terms of Service by reference. The DPA applies automatically where your use of the Service involves the processing of personal data subject to GDPR, UK GDPR, CCPA, or other applicable data protection law. For questions about the DPA, contact privacy@layer-iq.com.

11.5 International data transfers

Layer IQ is based in the United States. Your personal information may be transferred to, stored in, and processed in the United States, where data protection laws may differ from your country of origin.

Safeguards for transfers: We rely on Standard Contractual Clauses (SCCs) approved by the European Commission to ensure appropriate safeguards for EU/UK data transfers. The SCCs are incorporated into our Data Processing Agreement.

When we transfer data to service providers in third countries, we ensure they are either:

• Located in countries with "adequate" privacy protections (as determined by EU regulators)
• Bound by SCCs or Binding Corporate Rules (BCRs)
• Certified under appropriate frameworks (e.g., Privacy Shield successor)

11.6 Data Protection Officer

Layer IQ does not currently employ a dedicated Data Protection Officer (DPO). However, you may contact our Data Protection Contact: privacy@layer-iq.com

11.7 Supervisory authority

You have the right to lodge a complaint with the data protection authority in your jurisdiction:

• EU: Your Member State's Data Protection Authority
• UK: Information Commissioner's Office (ICO)
• Switzerland: Swiss Federal Data Protection and Information Commissioner (FDPIC)

Layer IQ's operations and servers are primarily located in the United States. When you use the Service from outside the US, your personal information may be transferred to and processed in the United States.

12.1 Data protection standards

Data protection laws in the United States may not provide the same level of protection as laws in your country of residence. By using Layer IQ, you acknowledge and consent to the transfer and processing of your data in the United States under US law.

12.2 Safeguards

We maintain appropriate safeguards for international transfers:

• Standard Contractual Clauses (SCCs) for EU/UK transfers
• Encryption of data in transit and at rest
• Security measures consistent with global privacy standards
• Sub-processor agreements ensuring third-party compliance

12.3 EU-US Data Privacy Framework

The European Commission adopted an adequacy decision for the EU-US Data Privacy Framework (DPF) in July 2023. Where applicable, Layer IQ may rely on the DPF, the UK Extension to the DPF, or the Swiss-US DPF for transatlantic data transfers. Where DPF certification does not apply or is unavailable, international transfers rely on Standard Contractual Clauses (SCCs) and organizational safeguards as described in Section 11.5.

Layer IQ retains personal information as long as necessary to provide the Service and fulfill the purposes described in this policy. Specific retention periods are:

13.1 Active accounts

• Personal information (name, email, account details) is retained for the duration of your account
• Platform usage data and interaction logs are retained for 12 months (for analytics and troubleshooting)
• Payment information is retained as required for billing and tax compliance

13.2 After account termination

Upon account termination:

• You have 30 days to request export of your personal data
• After 30 days, personal information is deleted from active systems
• Anonymized and aggregated data derived from your usage is retained indefinitely
• Backup copies are deleted within 90 days per our data backup policy

13.3 Certificate program data

• Certificate submissions and environmental data are retained as required by the Bloom Registry and applicable environmental regulations
• Audit documentation is retained for 7 years to comply with regulatory requirements
• After retention period expires, data is securely deleted unless a legal hold is in place

13.4 Legal and compliance holds

If Layer IQ becomes aware of litigation, government investigation, or regulatory inquiry, we may place a legal hold on personal information. Data subject to legal hold is retained until the matter is resolved.

13.5 Communications data

• Customer support emails and communications are retained for 24 months for quality assurance and dispute resolution
• After 24 months, communications are securely deleted unless retention is legally required

13.6 Aggregate data

Aggregated and anonymized data that cannot identify individuals is retained indefinitely for business purposes, analytics, and service improvement.

Layer IQ implements reasonable administrative, technical, and physical security measures to protect personal information against unauthorized access, alteration, disclosure, or destruction.

14.1 Technical safeguards

• Encryption in transit: TLS/SSL encryption for all data transmitted over the internet
• Encryption at rest: Industry-standard encryption for data stored on servers and in databases
• Access controls: Authentication, authorization, and role-based access restrictions
• Firewalls and intrusion detection: Network security and monitoring systems
• Regular security updates: Timely patching of vulnerabilities

14.2 Administrative safeguards

• Security training: Employees receive data protection and security training
• Access policies: Access to personal information is limited to authorized personnel with legitimate business needs
• Data minimization: Collecting only necessary information
• Incident response: Procedures for detecting, investigating, and responding to security incidents

14.3 Physical safeguards

• Secure facilities: Data centers with restricted access, monitoring, and environmental controls
• Backup and disaster recovery: Redundant systems and geographic distribution to ensure availability

14.4 Limitations

No guarantee of absolute security: Despite these measures, no system is completely secure. Layer IQ cannot guarantee that personal information will never be accessed, disclosed, altered, or destroyed by unauthorized persons. You use the Service at your own risk.

14.5 Security incidents

If Layer IQ discovers a security incident involving personal information, we will:

• Investigate the incident promptly
• Notify affected individuals without unreasonable delay (as required by law)
• Notify relevant regulatory authorities (as required by law)
• Provide resources to help you protect yourself (e.g., credit monitoring)

Layer IQ does not knowingly collect personal information from individuals under the age of 16. If we become aware that we have collected information from a child under 16, we will delete that information promptly.

If you are under 16 and have provided information to Layer IQ, please contact us immediately at privacy@layer-iq.com so we can remove your information.

Parents or guardians who believe a child has provided information to Layer IQ may contact us at privacy@layer-iq.com.

The Layer IQ Service may contain links to third-party websites, applications, and services that are not operated by Layer IQ. This privacy policy does not apply to third-party services, and we are not responsible for their privacy practices.

When you click a link to a third-party service:

• You leave the Layer IQ platform
• The third party's privacy policy and terms govern
• We recommend reviewing their privacy policy before providing personal information
• Layer IQ has no control over how third parties collect, use, or share your data

Third parties we integrate with include: Bloom ESG, Tracenable, Rejoose, Google Analytics, and various payment processors. A current list of third-party data providers is maintained at layer-iq.com/legal/third-party-notices.

Layer IQ may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

17.1 Notification of changes

• Material changes: We will notify you by email or through the Service when we make material changes
• Non-material changes: We will update the "Last updated" date without separate notice
• Continued use: Continued use of the Service after updates constitutes acceptance of the revised policy

17.2 Review changes

We recommend reviewing this Privacy Policy periodically to stay informed about how Layer IQ protects your information.

If you have questions about this Privacy Policy, your privacy rights, or Layer IQ's data practices, please contact us:

Email:

• privacy@layer-iq.com (privacy-related inquiries)
• support@layer-iq.com (general questions)

Mailing address: Layer IQ Technologies, Inc. 132 W International Speedway Boulevard, #1189 Daytona Beach, FL 32114 United States

Response timeline: We will respond to inquiries within 10 business days.

Data protection contact: privacy@layer-iq.com

• Terms of Service: layer-iq.com/legal/terms
• Third Party Data Provider Terms: layer-iq.com/legal/third-party-notices
• Data Processing Agreement (DPA): layer-iq.com/legal/dpa
• AI Addendum: Available upon request for GDPR-regulated customers
• Certificate program documentation: Available in the Service or upon request from support@layer-iq.com

Last updated: March 9, 2026

This Privacy Policy is effective as of the date listed above. Layer IQ Technologies, Inc. is committed to transparency and responsible data stewardship.