PRIVACY POLICY

Last updated July, 23rd 2025

This privacy notice for Original8 Consulting Inc. d/b/a ReelReview (“we,” “us,” or “our”), describes how and why we might collect, store, use, and/or share (“process”) your information when you use our services (“Services”), such as when you:

• Visit our website at reelreview.io, or any website of ours that links to this privacy notice
• Engage with us in other related ways, including any sales, marketing, or events

Questions or concerns? Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at [email protected].

SUMMARY OF KEY POINTS

This summary provides key points from our privacy notice, but you can find out more details about any of these topics by clicking the link following each key point or by using our table of contents below to find the section you are looking for.

• What personal information do we process? When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us and the Services, the choices you make, and the products and features you use.
• Do we process any sensitive personal information? We may process sensitive personal information when necessary with your consent or as otherwise permitted by applicable law.
• Do we receive any information from third parties? We may receive information from public databases, marketing partners, social media platforms, and other outside sources.
• How do we process your information? We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent. We process your information only when we have a valid legal reason to do so.
• In what situations and with which types of parties do we share personal information? We may share information in specific situations and with specific categories of third parties.
• How do we keep your information safe? We have organizational and technical processes and procedures in place to protect your personal information. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information.
• What are your rights? Depending on where you are located geographically, the applicable privacy law may mean you have certain rights regarding your personal information.
• What do we do with connected email accounts? Email accounts connected to the platform will be used to send outbound messages to leads our AI system collects for you and will send automatic emails to other accounts for the purpose of email warm-up.
• How do you exercise your rights? The easiest way to exercise your rights is by submitting a data subject access request, or by contacting us. We will consider and act upon any request in accordance with applicable data protection laws.

1. WHAT INFORMATION DO WE COLLECT?

Personal information you disclose to us

In Short: We collect personal information that you provide to us.

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.

Personal Information Provided by You. The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we collect may include the following:

• names
• phone numbers
• email addresses
• job titles
• passwords
• contact preferences
• billing addresses
• debit/credit card numbers
• any information shared by chatting with your AI assistant

Sensitive Information. When necessary, with your consent or as otherwise permitted by applicable law, we process the following categories of sensitive information:

• Payment Data. We may collect data necessary to process your payment if you make purchases, such as your payment instrument number and the security code associated with your payment instrument. All payment data is stored by Stripe. You may find their privacy notice here: https://stripe.com/en-gb-us/privacy
• Social Media Login Data. We may provide you with the option to register with us using your existing social media account details, like your Facebook, Twitter, or other social media account. If you choose to register in this way, we will collect the information described in the section called 

“HOW DO WE HANDLE YOUR SOCIAL LOGINS?”

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes.

Information automatically collected

In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Services.

We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact info) but may include device and usage information such as:

• IP address
• Browser and device characteristics
• Operating system
• Language preferences
• Referring URLs
• Device name
• Country
• Location
• Information about how and when you use our Services
• Other technical information

This information is primarily needed to maintain the security and operation of our Services and for our internal analytics and reporting purposes.

Like many businesses, we also collect information through cookies and similar technologies.

The information we collect includes:

• Log and Usage Data: Diagnostic, usage, and performance info collected automatically, e.g., IP address, browser type, pages visited, features used, time stamps, system activity, crash reports.
• Device Data: Info about the device you use to access the Services, including device ID, OS, type, settings, and possibly location.
• Location Data: Includes IP-based or GPS location. You can disable this through your device or browser settings, but it may affect your access to Services.

2. HOW DO WE PROCESS YOUR INFORMATION?

In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent.

We process your personal information for a variety of reasons, depending on how you interact with our Services, including:

• To facilitate account creation and authentication and manage user accounts.
• To deliver and facilitate the delivery of services to the user.
• To respond to user inquiries and offer support.
• To send administrative information.
• To request feedback.
• To send you marketing and promotional communications (if in line with your preferences — you may opt out).
• To deliver targeted advertising.
• To protect our Services. (e.g., monitoring, fraud prevention)
• To identify usage trends and improve the product.
• To determine the effectiveness of our marketing.
• To save or protect an individual’s vital interest.
• To improve our language model reliability.

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?

In Short: We only process your personal information when we have a valid legal reason to do so under applicable law.

If you are located in the EU or UK, this section applies to you.

Under the General Data Protection Regulation (GDPR) and UK GDPR, we may rely on the following legal bases to process your personal information:

• Consent. You may withdraw your consent at any time.
• Performance of a Contract. To fulfill contractual obligations.
• Legitimate Interests. For purposes such as:
  • Sending promotional offers
  • Developing relevant advertising
  • Improving the user experience
  • Detecting fraud
  • Diagnosing performance issues
• Legal Obligations. To comply with law or legal proceedings.
• Vital Interests. To protect someone’s life or prevent harm.

We are the “data controller” under EU/UK law unless we are acting on behalf of a customer, in which case we are the “data processor”.

If you are located in Canada, this section applies to you.

We may process your info with:

• Express consent, or
• Implied consent, or
• As permitted by law, including:
  • Emergency situations
  • Fraud detection
  • Business transactions
  • Legal investigations
  • Public interest cases
  • Witness statements
  • Journalism or research
  • Publicly available data

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

In Short: We may share information in specific situations described in this section and/or with the following categories of third parties.

Vendors, Consultants, and Other Third-Party Service Providers

We may share your data with third-party vendors, service providers, contractors, or agents (“third parties”) who perform services for us or on our behalf and require access to such information to do that work.

We have contracts in place with these parties. This means they:

• Cannot use your personal information for any purpose other than performing the services we requested
• Will not share it with other organizations
• Must protect it according to this privacy notice

Categories of third parties include:

• Ad Networks
• Affiliate Marketing Programs
• Cloud Computing Services
• Communication & Collaboration Tools
• Data Analytics Services
• Data Storage Service Providers
• Finance & Accounting Tools
• Large Language Model Providers (e.g., OpenAI, Google)
• Payment Processors
• Performance Monitoring Tools
• Product Engineering & Design Tools
• Retargeting Platforms
• Sales & Marketing Tools
• Social Networks
• Testing Tools
• User Account Registration & Authentication Services
• Website Hosting Service Providers
• Technology Providers

We may also need to share personal information in the following situations:

• Business Transfers. During mergers, acquisitions, financing, or asset sales.
• Affiliates. Within our group companies under this privacy notice.
• Business Partners. To offer you co-branded services, promotions, or events.

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

In Short: Yes, we may use cookies and similar tracking technologies to collect and store your information, enhance your experience, and serve targeted advertising.

We use:

• Essential Cookies – Needed for website functionality
• Performance and Analytics Cookies – Help us track traffic and behavior
• Functionality Cookies – Remember your preferences
• Targeting/Advertising Cookies – Show relevant ads based on your activity

We and our partners (e.g., Google Ads, Meta, LinkedIn) may use cookies to:

• Serve personalized ads
• Measure ad performance
• Track engagement with our website and emails

Cookie control options:

• Cookie settings on our website (on first visit)
• Your browser settings to disable or delete cookies

6. HOW DO WE HANDLE YOUR SOCIAL LOGINS?

In Short: If you choose to register or log in using a social media account, we may have access to certain information about you.

When you log in using third-party social accounts (e.g., Google, Facebook), we may receive:

• Name
• Email address
• Profile picture
• Friends list
• Other public info depending on your settings

We only use this data as outlined in this privacy notice.

We are not responsible for how those social media providers use your data. Please refer to their privacy policies.

7. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?

In Short: We may transfer, store, and process your information in countries other than your own.

Our servers are located in the United States. If you are accessing our Services from outside the U.S., please be aware that your information may be transferred to, stored, and processed by us and by third parties (as listed above) in the United States and other countries.

If you are a resident in the EEA, UK, or Switzerland:

Those countries may not have data protection laws as comprehensive as in your country. However, we take all necessary measures to protect your personal information in accordance with this privacy notice and applicable law.

8. HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We keep your information as long as necessary for the purposes outlined in this notice unless otherwise required by law.

We retain personal information:

• While your account is active
• As needed for legal, tax, accounting, or compliance purposes

When no longer needed, we will:

• Delete
• Anonymize
• Or isolate the data (if immediate deletion is not possible)

9. HOW DO WE KEEP YOUR INFORMATION SAFE?

In Short: We use organizational and technical security measures to protect your personal information.

Examples include:

• TLS encryption (in transit and at rest)
• Role-based access
• Secure infrastructure (e.g., AWS)
• Logging and anomaly detection
• Access controls and security training
• Incident response procedures

⚠️ However, no method of transmission or storage is 100% secure. Use the Services at your own risk and only in a secure environment.

10. DO WE COLLECT INFORMATION FROM MINORS?

In Short: We do not knowingly collect data from or market to children under 18.

By using our Services, you confirm that you are:

• At least 18 years old, or
• A parent/guardian consenting for a minor to use our Services

If we learn that we’ve collected data from someone under 18, we will:

• Delete the account
• Remove the data

To report underage data collection, contact us at [email protected].

11. WHAT ARE YOUR PRIVACY RIGHTS?

In Short: In some regions (like the EEA, UK, Switzerland, and Canada), you have rights that give you greater access and control over your personal information.

These rights may include the right to:

• Request access to your personal information
• Correct or delete your information
• Restrict or object to processing
• Withdraw consent at any time
• Request data portability
• Opt out of marketing communications
• Not be subject to automated decision-making

You may exercise your rights by:

• Contacting us at [email protected]
• Submitting a Data Subject Access Request (DSAR) via our website

If you are in the EEA/UK and believe we are unlawfully processing your personal information, you may complain to your local data protection authority.

Withdrawing Consent

If we rely on your consent to process your data, you may withdraw it at any time. This will not affect processing lawfully conducted before your withdrawal.

Marketing Communications

You may unsubscribe by:

• Clicking the “unsubscribe” link in our emails
• Contacting us at [email protected]

You may still receive essential service messages.

Account Information

You may review, update, or terminate your account by contacting us.

We will delete your account and data, except where retention is required (e.g., for legal, fraud prevention, or troubleshooting purposes).

Cookies and Tracking

You may:

• Click “Reject” on our cookie banner
• Use browser settings to block or delete cookies
• Contact us with questions about ad tracking at [email protected]

12. CONTROLS FOR DO-NOT-TRACK FEATURES

Some browsers offer Do-Not-Track (“DNT”) options. There is currently no accepted industry standard, so we do not respond to DNT signals.

If a standard emerges, we will update this notice accordingly.

13. DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

In Short: Yes. If you reside in California, Colorado, Connecticut, Utah, or Virginia, you are entitled to specific rights regarding your personal information.

California Residents (CCPA/CPRA)

You may request to:

• Know what personal data we collect
• Access specific data we hold
• Delete your personal information
• Opt out of selling or sharing personal information
• Limit use of sensitive information
• Correct inaccurate data

Categories collected in the past 12 months include:

• Identifiers (name, email, IP)
• Customer Records (billing info, contact data)
• Protected Characteristics (gender, age)
• Commercial Info (purchase history)
• Internet Activity (browsing, search history)
• Geolocation Data
• Audio/Visual data (uploaded videos)
• Professional or Employment data
• Inferences (profiles, behavior)
• Sensitive Data (logins, card numbers, communications content)

To exercise your rights:

Email us at [email protected] or submit a data request.

Verification Required:

We will verify your identity before fulfilling requests. You may also designate an authorized agent.

Colorado, Connecticut, Utah, Virginia Residents

You may have rights to:

• Know whether we process your data
• Access and delete your personal data
• Correct inaccuracies
• Obtain a copy of your data
• Opt out of targeted advertising, sales, profiling

To exercise your rights or appeal a denial:

Email us at [email protected]

14. DO WE MAKE UPDATES TO THIS NOTICE?

In Short: Yes, we will update this notice as needed to comply with laws.

We will revise the “Last updated” date at the top. For material changes, we may notify you directly.

We recommend checking this notice periodically.

15. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have questions or comments about this notice, contact us:

Email: [email protected]

16. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

You may request access, update, or deletion of your personal information by:

• Emailing: [email protected]