Privacy Policy

IDENTIV, INC.

PRIVACY POLICY

This Privacy Policy ("Privacy Policy") describes how Identiv, Inc. and its affiliates (collectively, "Identiv") collect, use, transfer, and disclose data including personally identifiable information (“personal data”) obtained through Identiv’s websites (the "website(s)") and via its product and service offerings. Use of the website is also subject to Identiv’s Terms of Use.

DATA IDENTIV COLLECTS

Identiv collects data to provide customers with products and services and to operate Identiv’s business. Some of this data is provided directly, such as when you create an Identiv account, make a request on the website, attend an event or meeting, or contact Identiv for support or to perform other services. Identiv receives some data by recording how users interact with Identiv products and services by, for example, using technologies like cookies, receiving error reports, usage data or location data from software running on Identiv products or from utilizing Identiv services. Identiv also collects data about customers from public sources and from Identiv's third-party partners and suppliers.

The data Identiv collects can include the following:

• Name and contact data. Information, including personal data, collected through the website or through other means, may include name and salutation, job title, physical address, time zone, telephone number (including work or home office, mobile, and fax numbers), photograph, e-mail address, and other contact information. Identiv also collects marketing contacts and preferences (phone, email, postal mail, fax, and text messages), name and nature of your business, language preference, and delivery and fulfillment information.
• Credentials. Identiv collects information used for authentication and account access.
• Usage data. Identiv collects data about how users and devices interact with Identiv products and services. For example, Identiv collects:

o Device and System Data – basic information needed to operate Identiv products and services, such as device identifiers, configuration settings, firmware or software versions, and network connection data.

o Usage and Diagnostic Data – information about how Identiv products and services are used and performed, including feature activation, event logs, and error reports, which Identiv uses to maintain security, reliability, and functionality.

o Support and Interaction Data – information provided when customers or users contact Identiv for support or interact with Identiv’s online portals or AI-assisted tools.

Cookies. Websites may collect certain kinds of data which could encompass personal data during your visit, including through the use of cookies. Cookies are small text files sent from a site to the hard drive of a user's device to store bits of information related to that user or device. Cookies can store information about the device and users, including IP addresses, navigational data, server information, data transfer times, user preferences, and passwords needed to access the special areas on Identiv websites. Identiv uses cookies to assist with the downloading of documents from websites and for other business purposes such as traffic analysis of websites. If you choose to create a user profile, Identiv will use cookies to store the personal data for your profile.

Other technology. Websites also use IP addresses, log files and other technology to identify website problems and usage. Identiv also uses web beacons to perform standard traffic analysis on the websites in a manner similar to how Identiv uses cookies and to track website usage for statistical purposes. Identiv reserves the right to introduce new tracking technologies and techniques related to the use of the websites, although Identiv will do so subject to and in accordance with applicable data protection laws and regulations.

HOW IDENTIV USES PERSONAL DATA

Identiv processes data, including personal data, in several ways. Identiv uses the data it collects for three basic purposes: (1) to process transactions for the sale and support of Identiv products and/or services, (2) to operate Identiv’s business, and to provide and support the products and services Identiv offers (including improving and personalizing), and (3) to send certain communications, including promotional communications. When customers place an order, Identiv uses the personal data provided, including any payment information necessary to provide the products or services requested. If you create a user profile, Identiv will store personal data as requested to manage the profile and communicate with the user. If you request contact from Identiv or about Identiv products and/or services when using Identiv's websites or attending an event, such as requesting a meeting or demonstration, Identiv uses the personal data provided to process such request.

Identiv does not sell personal data.

If you are located outside of the United States, please be aware that any information you provide to Identiv through the websites may be transferred to the United States. Please also be aware that by using the websites and giving Identiv your information, you consent to such transfer. You also understand that the U.S. may not provide the same level of protections as the laws of your country. Personal data may also, subject to the requirements of applicable law, be used, disclosed and transferred to law enforcement personnel and other persons in situations where Identiv believes that it is necessary to identify, contact, or bring legal proceedings against someone who may be misusing the website, interfering with the rights of Identiv or other users, or when Identiv reasonably believes that the law requires or permits such disclosure.

Third-Party Sharing and AI Services.Identiv may engage third-party service providers to support its product and service offerings, including customer phone and chat support, AI-enabled features, and chatbot functionality. Where personal data is shared, Identiv enters into data processing agreements requiring such third parties to protect the data and use it solely to deliver the contracted services on Identiv's behalf, in compliance with applicable data protection laws.

WHY IDENTIV SHARES PERSONAL INFORMATION

Identiv shares personal data with consent or as necessary to complete any transaction or provide any product or service requested or authorized. Identiv also may disclose and transfer personal data to strategic partners, suppliers and other third parties for the purposes described in this Privacy Policy and to assist with the operation of the websites and/or the associated business transactions. If Identiv sells or divests all or part of its business, makes a transfer of assets, or otherwise becomes involved in a change of control transaction, or in the unlikely event of bankruptcy, Identiv may transfer personal data covered by this Privacy Policy to one or more third parties as part of the transaction including the due diligence process.

Additionally, Identiv will access, transfer, disclose, and preserve personal data when Identiv has a good faith belief that doing so is necessary to:

• comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies;
• protect Identiv customers, for example to prevent unsolicited emails or attempts to defraud users of Identiv products, or to help prevent the loss of life or serious injury of anyone;
• operate and maintain the security of Identiv’s products and services, including to prevent or stop an attack on Identiv’s computer systems or networks; or
• protect the rights or property of Identiv, including enforcing the terms governing the use of the products or services; however, if Identiv receives information indicating that someone is using Identiv products or services to traffic in stolen intellectual or physical property, Identiv may refer the matter to law enforcement.

DATA SECURITY

Pursuant to applicable regulations, Identiv maintains reasonable technical and administrative procedures to protect data including personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access. Identiv cannot guarantee any data’s absolute security or warrant the security of any data against any possible loss or unauthorized access.

ACCESS AND CORRECTION OF PERSONAL DATA

If you wish to access or update the personal data submitted through the websites, or to make any inquiries (including requests of cancellation or deletion) about the collection or processing of personal data, please contact Identiv as described below in the section labeled "Contact." Identiv provides individuals with access to their personal data where required by applicable data protection and privacy laws. Individuals will be required to sufficiently verify their identity and declining to provide necessary information may prevent or limit Identiv’s ability to respond to your inquiry.

LINKS TO THIRD-PARTY WEBSITES

The statements set forth in this Privacy Policy are only for the website and Identiv's products and service offerings. Third-party websites, products, and services are the responsibility of those third parties and not Identiv, even if such third-party content is found via a link from website or service offering. If you link to or otherwise visit a third-party website, you must review the privacy policies posted at those websites. Identiv has no control over third-party websites, products, and services and is not responsible or liable for the policies and practices followed by third parties.

RETENTION OF DATA

Identiv will keep your data, which may include personal data, for as long as necessary for the purposes for which it was collected, to provide you with products or services, to conduct legitimate business interests, and where otherwise required or permitted by law.

GENERAL DATA PROTECTION REGULATION (GDPR)

The GDPR Addendum applies in circumstances where Identiv’s privacy practices are subject to the EU General Data Protection Regulation ("GDPR"). If applicable to you, the GDPR Addendum should be read in conjunction with this Privacy Policy.

CALIFORNIA PRIVACY DISCLOSURES

Effective January 1, 2020, under the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA"), California residents have the following new rights in respect to their personal data:

• The right to request the deletion of any personal data about the consumer that has been collected from the consumer;
• The right to request disclosures regarding the collection of personal data;
• The right to request disclosures regarding the sale of personal data or disclosures made for a business purpose;
• The right not to be discriminated against for exercising rights under the CCPA;
• The right to opt-out of the sale of personal data; and
• The right to opt-in for any financial incentive programs.

Right to Deletion and Disclosure of Personal Data

Twice within a 12-month period, California residents, with whom Identiv has an established business relationship, may make a personal data request. Identiv will need to collect information from you to verify your identity before this request can be fulfilled. You may also request that personal data not being used for a business purpose be deleted.

A request may be made to access personal data by emailing Identiv at privacy@Identiv.com, calling +1 866.358.1029, or writing to:

Right to Opt-Out of Sales

For purposes of California law, Identiv does not sell personal data for monetary or other valuable consideration, or otherwise for a commercial purpose, including advertising. If you are a California resident, you may formally opt-out of any sale of your personal data to the extent enabled by California law by emailing Identiv at privacy@Identiv.com or writing to the above address.

Right to Not Be Discriminated Against

Identiv does not discriminate on the basis of consumer rights requests.

Right to Opt-Out

Identiv may use third-party ad servers (or ad networks) to deliver ads to you on Identiv's behalf. These third-party ad servers may collect and use certain information about your visits to the website in order to present advertisements that may be of interest to you. If you would like more information about this practice or to opt-out of having this information used by third-party ad servers to provide targeted ads, please email Identiv at privacy@Identiv.com.

UNSUBSCRIBING FROM EMAILS

If you are currently receiving emails from Identiv and wish to be removed from a communication list, unsubscribe by using the unsubscribe link in at the footer of a marketing email to remove your email from Identiv's mailing list.

CHILDREN'S PRIVACY

Identiv does not knowingly solicit children to purchase its services or products. Identiv's websites are not designed to attract children under the age of 13, and Identiv does not intentionally or knowingly collect personal data on its websites from anyone under the age of 13.

EU DATA ACT TRANSPARENCY

To the extent applicable, Identiv complies with the EU Data Act (Regulation (EU) 2023/2854). Where its connected products or services generate data, Identiv ensures that users and authorized third parties can access such data under fair, reasonable, and non-discriminatory terms while safeguarding trade secrets, security, and personal data in accordance with the EU Data Act and the GDPR.

REVISIONS TO THIS PRIVACY POLICY

Identiv reserves the right to change this Privacy Policy from time to time in compliance with applicable legal, contractual, and regulatory requirements. Please thoroughly review this Privacy Policy each time before you submit any personal data via the website or any product or service.

CONTACT

If you have any questions about this Privacy Policy, please contact Identiv at:

Last updated on October 24, 2025.

Last updated on October 24, 2025

Identiv, Inc.

General Data Protection Regulation (GDPR) Addendum

This GDPR Addendum supplements the Privacy Policy to the extent you use Identiv's website and the GDPR is applicable to you. Identiv is committed to GDPR compliance.

Definitions

As used in this GDPR Addendum:

“controller,” “data subject,” “personal data”, “process”, and “processor” will each have the meaning given to them in Article 4 of the GDPR;

“GDPR” means the General Data Protection Regulation (EU) 2016/679, together with any national implementing laws in any Member State of the European Union, as amended, repealed, consolidated or replaced from time to time including the UK version of the GDPR as defined in Section 10(3) of the Data Protection Act 2018;

"Privacy Policy” means Identiv’s privacy policy located onIdentiv.com.

The Controller, Processor and Purposes of this GDPR Addendum

As a controller and processor of data, including personal data, Identiv collects, processes, and uses personal data fairly and lawfully.

Identiv is focused on implementing the appropriate technical and organizational measures to ensure that Identiv meets the requirements of the GDPR. Where the GDPR is applicable, Identiv commits to follow all the requirements of the GDPR, including to:

• Only process your personal data in line with your instructions
• Honor your right to withdraw consent at any time
• Maintain the confidentiality of your personal data and ensure sufficient staff training on data protection
• Ensure appropriate security of, and access to, your personal data
• Provide relevant data retention and deletion policies
• Facilitating data subject’s rights and incident notifications
• Utilize processors, sub-processors and international data transfers in a GDPR-compliant manner

The Personal Data That Identiv Collects and Uses

Identiv collects, uses and shares data for the purposes as set out in its Privacy Policy.

Processing Basis

To process your personal data, Identiv relies on at least one of the following legal bases:

• For the performance of a contract Identiv has with you (such as if you purchase Identiv products or services, Identiv will use your information to carry out Identiv's obligation to complete and administer your order)
• For compliance with a legal obligation to which Identiv is subject (such as tax obligations and when Identiv is obliged to comply with lawful requests from competent authorities such as law enforcement)
• For the purposes of Identiv's legitimate interests (such as tailoring your experience on Identiv's websites and for fraud detection), provided that such processing does not outweigh your rights and freedoms.

The processing may also be pursuant to other applicable legal basis for data processing, especially provisions set out by Member State law. To the extent that a legal ground described above would not apply to processing of your personal data by Identiv, Identiv will seek your consent for such specific purpose in accordance with applicable law.

Processing Sensitive Personal Data

The GDPR treats some types of personal data as special categories of personal data. This includes information about racial or ethnic origin, sexual orientation, religious beliefs, trade union membership, health data, and criminal records. Identiv will not collect or use these types of data without your consent unless allowed by applicable law. If Identiv does use such data, it will only be when it is necessary; for example:

• Processing relating to data about you that you have made public
• Processing being necessary for the purpose of establishing, making or defending legal claims.

Website Processors

Identiv uses a select number of website processors or sub-processors to provide customers with products and services, and to operate Identiv’s business. Each website processor and sub-processor has been assessed for their ability to provide appropriately secure services and provision of relevant assurances, policies and data processing agreements. Personal data is processed for the purposes described in this GDPR Addendum and in the Privacy Policy and Identiv's Terms of Use.

Identiv's current list of sub-processors for its website are:

International Data Transfers

For the purposes set out in the Privacy Policy and any applicable product or solution documentation, your personal data may be transferred outside of the country in which it was collected. For transfers from the EEA, UK, or Switzerland, Identiv relies on the European Commission’s Standard Contractual Clauses and any applicable addendum. Identiv also participates in the EU–U.S. Data Privacy Framework, providing an additional safeguard for transatlantic data transfers.

Identiv will ensure that all transfers are lawful and that there are appropriate legal and security arrangements, including implementing supplementary measures to achieve a level of protection equivalent to GDPR.

Identiv's sub-processors commit to using approved methods to ensure the controlled transfer of data outside of the EU. Additionally, Identiv’s providers make strong commitments to Identiv related to limiting access to the data that is stored with them.

Children

Identiv products, services and websites are not for use by children under the age of 16 years and Identiv does not knowingly collect, store, share or use the personal data of children under the age of 16 years. If you are under the age of 16 years, please do not provide any personal data, even if prompted by Identiv's website to do so.

Marketing

Where requested and lawful to do so, Identiv may communicate with you about Identiv products, services and solutions, subject to your consent where required. If you wish to unsubscribe from receiving marketing communications, please visit the preference site at the bottom of Identiv marketing communications and unsubscribe. As is common with most websites, Identiv gathers certain information and stores it in log files when you interact with Identiv's website. Identiv uses this information to personalize information presented to you, to monitor the effectiveness of Identiv's website-based marketing campaigns and to improve the functionality of the website. In such cases, Identiv will process such information in accordance with Privacy Policy.

Security

Identiv has implemented a range of policies, procedures and controls to ensure personal data is secure. Identiv has implemented policies in compliance with the GDPR and frequently re-assesses such policies to ensure the continued support of privacy requirements applicable to personal data under the GDPR. In assessing the appropriate level of security, Identiv takes account of the risks that are presented by the processing, and in particular from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to data transmitted, stored or otherwise processed.

Minimum Technical and Organizational Security Measures

Identiv has implemented and maintains at least the following minimal technical and organizational security measures to protect the personal data:

Server Operating Systems. Identiv infrastructure utilizes industry standard enterprise level Operating Systems which are regularly patched in accordance with the software vendors recommendation. All systems are protected with anti-virus, anti-malware and anti-ransomware software, as appropriate.

Businesses Continuity. Identiv maintains cloud-based systems hosted with third parties that provide business continuity/disaster recovery procedures.

Data Transmission. To prevent data from being read, copied, altered or removed without authorization, Identiv encrypts and/or password protects all transmissions containing personal data.

Encryption Technologies. Identiv uses AES and/or HTTPS encryption (also referred to as a SSL or TLS connection).

Opt-Out, Data Subject Access Requests, Retention and Complaints

Please visit the preference site at the bottom of Identiv marketing communications to unsubscribe. To invoke a data subject request under GDPR for access to and rectification or erasure of personal data or restriction of processing or to object to processing and rights to data portability, send an email detailing your specific request to privacy@Identiv.com. Identiv also retains personal data no longer than is necessary to carry out the purposes described in the Privacy Policy. In considering how long to keep a particular category of personal data Identiv will have regard to the purposes for which it is processed, and any purposes which continue to apply even when Identiv has delivered a product or service (for example, because Identiv needs to keep records for audit purposes or in the event of a legal claim or threatened claims). Data subjects have the right to lodge a complaint with the appropriate supervisory authority if the data subject considers that the processing of personal data relating to the data subject infringes the GDPR.

This Identiv GDPR Addendum is subject to change from time to time, so you should check it periodically.