Updated on January 1, 2024

Horizon Robotics Inc. (the “Company”, “We”, “Us”) is committed to protecting the privacy and security of Personal Information. In the course of its business, the Company collects and uses Personal Information of job applicants and employees. This Privacy Notice (the “Notice”) is applicable to all California employees and job applicants and is adopted to comply with the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, “CCPA”) and describes the categories of Personal Information we collect, how we use this Personal Information, with whom we are likely to share it, what steps we take to ensure its confidentiality and security, and how you can exercise your data protection rights under the CCPA.

For purposes of this Notice, “Personal Information” and “Sensitive Personal Information” shall have the same meaning as defined under CCPA. Personal Information includes without limitation to, name, address, date of birth, marital status, birthplace, preferred language, education and training, computer access and authentication information, photographs and other visual images of you etc. Sensitive Personal Information includes without limitation to, social security number, passport number, driver’s license number, racial or ethnic origin, religious or philosophical beliefs, health information, etc.

1. Categories of Personal Information and Sensitive Personal Information We Collect from You

We may collect the following categories of Personal Information from you for the purpose indicated in this Notice.

• Identifying Information, such as your full name, gender, date of birth, and signature.
• Contact Information, such as your home address, telephone numbers, email addresses, and emergency contact information.
• Dependent’s or Other Individual’s Information, such as their full name, address, date of birth, and Social Security numbers (SSN).
• Educational and Professional Background, such as your work history, academic and professional qualifications, educational records, references, and interview notes.
• Employment Details, such as your job title, position, hire dates, compensation, performance and disciplinary records, and vacation and sick leave records.
• Financial Information, such as banking details, tax information, payroll information, and withholdings.
• Information Systems (IS) Information, such as your search history, browsing history, login information, and IP addresses on the Company’s information systems and networks.
• Geolocation Data, such as time and physical location related to use of an internet website, application, device, or physical access to a Company office location.
• Sensory or Surveillance Information, such as call monitoring and video surveillance.

We may collect the following categories of Sensitive Personal Information from you for the purpose indicated in this Notice:

• National Identifiers, such as SSN, passport and visa information, driver license information and immigration status and documentation.
• Precise Geolocation, such as physical access to a Company office location, or GPS location data from Company owned vehicles.
• Contents of Mail, Email, or Text Messages Not Directed to the Company, if associated with company-provided devices or accounts.
• Demographic Data, such as race, ethnic origin, marital status, disability, and veteran or military status.
• Health and Safety Information, such as health conditions (if relevant to your employment), job restrictions, workplace illness and injury information, and health insurance policy information.
• Unique Identifying Biometric Information, such as facial recognition, fingerprints, or other physical patterns.

We collect these Personal Information or Sensitive Personal Information directly from you either during your job application process, during your employment onboarding process, during the selection of your employee benefits, or during your employment process at the Company.

2. The Purpose for Which We Collect, Use, or Disclose Your Personal Information or Sensitive Personal Information

The Company collects Personal Information and Sensitive Personal Information to use or disclose as appropriate to:

• Comply with all applicable laws and regulations, including responding to subpoena or similar legal process to law enforcement agencies, regulators, and courts.
• Recruit and evaluate job applicants and candidates for employment.
• Conduct background checks.
• Manage your employment relationship with us, including for:
  • onboarding processes;
  • timekeeping, payroll, and expense report administration;
  • employee benefits administration;
  • employee training and development requirements;
  • the creation, maintenance, and security of your online employee accounts;
  • reaching your emergency contacts when needed, such as when you are not reachable or are injured or ill;
  • workers’ compensation claims management;
  • employee job performance, including goals and performance reviews, promotions, discipline, and termination; and
  • other human resources purposes.
• Manage and monitor employee access to company facilities, equipment, vehicles and systems.
• Conduct internal audits and workplace investigations.
• Investigate and enforce compliance with and potential breaches of Company policies and procedures.
• Engage in corporate transactions requiring review of employee records, such as for evaluating potential mergers and acquisitions of the Company.
• Maintain commercial insurance policies and coverages, including for workers’ compensation and other liability insurance.
• Perform workforce analytics, data analytics, and benchmarking.
• Administer and maintain the Company’s operations, including for safety purposes.
• For client marketing purposes.
• Exercise or defend the legal rights of the Company and its employees, customers, contractors, and agents.

The Company will not sell the Personal Information and Sensitive Personal Information we collect. We also will not share them with third parties for cross-context behavioral advertising. We will not use the Personal Information or Sensitive Personal Information collected for any purpose materially different than the purpose listed above, unless an additional and/or updated policy or notice has been first provided to you.

3. How We May Disclose Your Personal Information and Sensitive Personal Information

We may disclose your Personal Information and/or Sensitive Personal Information to the employees within the Company and its affiliated companies who has a need to know in order to carry out our functions and with third-party service providers for fulfilling the above-mentioned human resources, business-related, and/or legal compliance purposes. We will share your Personal Information and/or Sensitive Personal Information only to the extent that is reasonably necessary and proportionate to the intended purposes.

Some of these recipients may be located outside California, in states and countries where different data protection legislations are adopted. We only disclose the Personal Information and/or Sensitive Personal Information to third-party service providers who perform services on behalf of us in accordance with applicable data protection laws, and on the basis that they are bound by contractual obligation to use it only for the specified business purposes for which we disclose it to them, to comply with applicable CCPA obligations, and to provide same or higher level of privacy protection on the Personal Information and/or Sensitive Personal Information.

4. Retention Period of Your Personal Information and Sensitive Personal Information

Your Personal Information and/or Sensitive Personal Information is kept only for a period of time that is necessarily required to fulfill the above-mentioned human resources, business-related, and/or legal compliance purposes, to verify your identity, or to respond to your requests or questions, unless otherwise requested by you or permitted by law.

We use the following criteria to determine how long Personal Information and/or Sensitive Personal Information is stored:

• The time elapsed since the end of your employment;
• The sensitivity of Personal Information (e.g. health data);
• Security constraints (e.g., the security of workplace or our computer systems);
• The applicable statutes of limitations;
• The existence of an ongoing or potential dispute or dispute (e.g. litigation or disciplinary action);
• Any legal or regulatory obligation to retain or delete Personal Information and/or Sensitive Personal Information (for example, a retention obligation imposed by an accounting, tax or other applicable law).

When we have no ongoing legitimate business need or legal obligation to retain your Personal Information and/or Sensitive Personal Information, we will destroy it safely and securely in accordance with our internal policy or we will make it anonymous.

5. Privacy and Security of Your Personal Information and Sensitive Personal Information

We implement commercially reasonable administrative, technical and organizational measures to safeguard your Personal Information and Sensitive Personal Information, including encryption, anonymization and physical security procedures to ensure a risk‐appropriate level of security related to your Personal Information and Sensitive Personal Information. We follow industry best practices to ensure that Personal Information and Sensitive Personal Information are not accidentally or unlawfully destroyed, lost, altered, or disclosed in an unauthorized manner and not accessed or used in an unauthorized manner.

We require our staff and all third parties service providers working for the Company to adhere to strict standards of security and information protection, including contractual obligations under which they undertake to protect all Personal Information and Sensitive Personal Information and apply strict data transfer measures.

Notwithstanding the above, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, the Company cannot guarantee that your Personal Information and Sensitive Personal Information is under absolute security with the existing security technology.

6.  Your Rights and How to Exercise Them

Please note that we collect and share with certain third parties (including but not limited to, the Company’s affiliated companies and service providers) your Personal Information or Sensitive Personal Information for necessary employment management purposes, such as managing payrolls and employment benefits.  If you opt out for sharing or request deletion of such information, the Company may not be able to provide related benefits or services to you. To the extent permitted by law, we may also retain your Personal Information or Sensitive Personal Information for necessary internal management purposes, including but without limitation, legal, accounting, data security, business continuity, anti-fraud, and community reasons.

To exercise your CCPA rights, please submit your request by any one of the following methods:

• Email: us.dream@horizon.cc
• Phone: +1 669-230-3151

Once we receive your request to delete, correct, or access your Personal Information, we may verify it by requesting information sufficient to confirm your identity. If you would like to use an authorized agent to exercise your rights, we may request evidence that you have provided such agent with valid written authority to submit requests to exercise rights on your behalf. We will respond to your request within 45 days of receiving a verifiable request from you or provide you a notice of extension of the response period during this 45-day period. In the event of a notice of extension of the response period, the response period will be extended for an additional 45 days when reasonably necessary. In some cases, your choices to provide, change or delete information may affect our ability to manage your employment relationship with the Company. We may decline to process certain requests if permitted by applicable law.

The Company will not discriminate or retaliate against you for exercising your CCPA rights.