PRIVACY POLICY

Effective Date: November 17, 2025

1. Introduction and Scope

ANX LLC, a limited liability company organized under the laws of Wyoming, United States, with operations extending to Israel (referred to as “Company,” “we,” “us,” or “our”), has prepared this Privacy Policy (the “Policy”) to inform users of our practices concerning the collection, use, disclosure, retention, and protection of personal information obtained through our digital platforms located at https://anx.digital/, https://www.alphanetx.com/, https://cobbix.com/, and https://cozzix.com/ (collectively, the “Platform” or “Services”). This Policy applies to all individuals who access, browse, register for, or utilize any Services provided through the Platform (referred to as “User,” “you,” or “your”).

Leo Dahan serves as the Data Controller for purposes of the General Data Protection Regulation (EU) 2016/679 (“GDPR”). Given our international operations and global client base, we comply with multiple regulatory frameworks including GDPR for individuals located in the European Economic Area, the California Consumer Privacy Act and California Privacy Rights Act (Cal. Civ. Code § 1798.100 et seq., collectively “CCPA”) for California residents, and Israel’s Privacy Protection Law, 5741-1981 (“PPL”) as amended.

By accessing or using our Services, you acknowledge that you have read and understood this Policy and consent to the collection, processing, and transfer of your personal information as described herein. If you do not agree with any provision of this Policy, you must immediately discontinue use of the Platform.

2. Categories of Personal Information Collected

We collect several categories of personal information depending on how you interact with our Services. The specific types of data collected during the preceding twelve months include the following:

Identifiers and Contact Information. This category encompasses full legal names, business names, email addresses, postal addresses, telephone numbers, internet protocol addresses, device identifiers, account usernames, and similar unique identifiers assigned to facilitate account creation and service delivery.

Commercial Information. We collect records of products or services purchased, obtained, or considered; transaction histories; payment information including credit card numbers (processed through third-party payment processors), billing addresses, and purchase preferences.

Internet and Network Activity. Our systems automatically capture browsing history on the Platform, search queries, clickstream data, interaction with advertisements or promotional content, session duration, pages viewed, features accessed, and technical information regarding your interactions with our Services.

Geolocation Data. We may collect approximate geographic location derived from internet protocol addresses or, with your express consent, precise geolocation data from mobile devices.

Professional and Employment Information. For business clients, we collect job titles, company names, business contact information, industry classifications, and other employment-related data necessary to provide our Services.

Inferences and Derived Data. We create profiles reflecting preferences, behavioral patterns, interests, predicted needs, and other characteristics derived from analysis of the data categories described above.

User-Generated Content. Any information, data, files, communications, or materials you voluntarily upload, submit, or transmit through the Platform becomes part of your account records.

3. Methods and Sources of Data Collection

Personal information is obtained through several distinct channels. Direct collection occurs when you voluntarily provide information during account registration, subscription purchases, customer support inquiries, participation in surveys or promotional activities, or communication with our personnel. Automatic collection occurs through cookies, web beacons, pixel tags, log files, and similar tracking technologies deployed on the Platform, which gather technical data regarding device characteristics, browsing behavior, and usage patterns. Third-party sources include business partners, data brokers, marketing affiliates, payment processors, authentication services, and publicly available databases.

4. Legal Basis and Purposes for Processing

We process personal information only when a valid legal basis exists under applicable law. The specific legal bases invoked include:

Contractual Necessity. Processing is essential to perform our obligations under the Terms and Conditions, to provide Services you have requested, to process payments, to deliver customer support, and to fulfill other contractual commitments.

Consent. Where required by law, we obtain your express, informed, and freely given consent prior to processing activities such as placement of non-essential cookies, collection of precise geolocation data, or use of information for marketing purposes. Consent may be withdrawn at any time through mechanisms described in this Policy.

Legitimate Interests. We process certain data to pursue legitimate business interests, provided such interests are not overridden by your fundamental rights and freedoms. Legitimate interests include fraud prevention, network security, internal analytics, product improvement, and direct marketing to existing clients.

Legal Obligations. Processing may be necessary to comply with applicable laws, regulations, court orders, governmental requests, or other legal obligations imposed upon us.

The purposes for which we collect and process personal information include: account creation and authentication; provision of Services including software access, feature activation, and technical support; payment processing and billing; communication regarding service updates, system maintenance, security alerts, and policy changes; personalization of user experience and customization of interface elements; analytics to understand usage patterns, identify technical issues, and improve functionality; marketing and promotional activities, including email campaigns directed to existing and prospective clients; fraud detection and prevention; network security and protection against unauthorized access; compliance with legal obligations including tax reporting, regulatory inquiries, and law enforcement requests; and dispute resolution and enforcement of our legal rights.

5. Data Sharing and Third-Party Disclosures

We disclose personal information to various categories of third parties under specific circumstances. Service providers and processors include cloud hosting providers, payment processors (such as Stripe and PayPal), customer relationship management platforms, email service providers, analytics tools, cybersecurity services, and technical support contractors who process data on our behalf pursuant to written agreements requiring GDPR-compliant data protection measures.

Business partners and integrated platforms encompass third-party services with which our Platform integrates, including Facebook, Google Workspace, Salesforce, HubSpot, WhatsApp Business API, Shopify, WooCommerce, and similar platforms, subject to their respective privacy policies.

We may disclose information to legal and regulatory authorities when required by law, in response to valid legal process, to protect our rights or property, to investigate fraud or security incidents, or to comply with governmental requests. In the event of a merger, acquisition, asset sale, or bankruptcy proceeding, personal information may be transferred to successor entities, subject to notice and continuation of privacy protections.

During the preceding twelve months, we have disclosed identifiers, commercial information, internet activity data, and professional information to service providers for business purposes. We do not sell personal information as that term is defined under CCPA, nor do we share personal information for cross-context behavioral advertising purposes.

6. International Data Transfers

Given our operations in Wyoming and Israel and our global client base, personal information is transferred to, stored in, and processed in multiple jurisdictions, including the United States and Israel. For transfers of personal data originating in the European Economic Area to recipients in countries not recognized by the European Commission as providing adequate data protection, we implement appropriate safeguards including Standard Contractual Clauses approved under GDPR Article 46, participation in the EU-U.S. Data Privacy Framework where applicable, and Binding Corporate Rules where relevant.

Users located in the European Economic Area acknowledge and consent to such transfers based on the mechanisms described above. We conduct Transfer Impact Assessments where required and implement supplementary measures to ensure data protection standards equivalent to those mandated by GDPR.

7. Data Retention and Deletion

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, to comply with legal obligations, to resolve disputes, and to enforce our agreements. Specific retention periods vary depending on data categories and applicable legal requirements.

Account information and transaction records are retained for the duration of the customer relationship plus seven years thereafter to comply with tax laws, financial reporting obligations, and potential dispute resolution needs. Marketing communications data is retained until you withdraw consent or request deletion, whichever occurs first. Technical logs and security records are typically retained for twelve to twenty-four months unless longer retention is required for investigation of security incidents. Cookies and similar tracking technologies are governed by the retention periods specified in our Cookie Policy, generally ranging from session-based deletion to twenty-four months for analytics cookies, subject to user consent.

Upon expiration of applicable retention periods, we securely delete or anonymize personal information through methods including cryptographic erasure, physical destruction of storage media, and overwriting of data fields. Users may request earlier deletion subject to our legal obligations to retain certain records.

8. Cookies and Tracking Technologies

Our Platform employs cookies, web beacons, pixel tags, local storage objects, and similar technologies to enable functionality, analyze usage, and deliver personalized experiences. Cookies are small text files placed on your device that store information about your preferences and activities.

Strictly Necessary Cookies are essential for Platform operation, including authentication, security features, load balancing, and basic functionality. These cookies do not require consent under GDPR as they are necessary for service provision.

Functional Cookies enable enhanced features such as language preferences, interface customization, and saved settings. We obtain consent before deploying functional cookies.

Analytics Cookies collect aggregated data regarding usage patterns, page views, session duration, and user flows to help us improve Services. Consent is required prior to activation of analytics cookies. We implement privacy-preserving configurations including IP anonymization where technically feasible.

Marketing Cookies track browsing behavior across websites to deliver targeted advertisements and measure campaign effectiveness. These cookies require explicit consent and are blocked until such consent is obtained.

We implement cookie consent management through a granular consent banner that allows users to accept or reject specific categories of cookies. Consent is obtained through affirmative action; pre-checked boxes, implied consent through continued browsing, and forced acceptance are not employed. All non-essential cookies are blocked prior to consent pursuant to GDPR requirements. Users may withdraw consent or modify cookie preferences at any time through browser settings or our consent management interface.

We maintain detailed records of consent actions for at least five years, including timestamps, information provided to users, categories accepted or rejected, and subsequent modifications to preferences, to satisfy audit requirements and demonstrate compliance.

9. Data Security Measures

We implement technical and organizational measures designed to protect personal information against unauthorized access, alteration, disclosure, or destruction. Security measures include encryption of data in transit using Transport Layer Security protocols and encryption of sensitive data at rest; multi-factor authentication for administrative access; role-based access controls limiting employee access to personal information on a need-to-know basis; regular security audits and vulnerability assessments; intrusion detection and prevention systems; secure backup procedures; and incident response protocols.

Notwithstanding these measures, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute protection against all potential security threats. Users acknowledge inherent risks in electronic data transmission and agree that we are not liable for unauthorized access resulting from circumstances beyond our reasonable control.

10. Your Rights Under Applicable Laws

Depending on your jurisdiction, you may possess certain rights regarding your personal information. These rights are subject to limitations and exceptions under applicable law.

GDPR Rights (European Economic Area Residents) include the right to access personal data we hold about you and obtain a copy in structured, commonly used, machine-readable format; the right to rectification of inaccurate or incomplete data; the right to erasure (“right to be forgotten”) under certain circumstances; the right to restriction of processing; the right to data portability allowing transfer to another controller; the right to object to processing based on legitimate interests or for direct marketing purposes; and the right to withdraw consent at any time without affecting the lawfulness of processing conducted prior to withdrawal.

CCPA Rights (California Residents) include the right to know what personal information we collect, use, disclose, and sell; the right to request deletion of personal information subject to certain exceptions; the right to opt out of sale or sharing of personal information (though we do not currently sell or share personal information as those terms are defined under CCPA); the right to correct inaccurate personal information; the right to limit use and disclosure of sensitive personal information; and the right to non-discrimination for exercising CCPA rights.

Israeli PPL Rights include the right to access personal data held in databases; the right to review information and request corrections; the right to know the purposes for which data is used; the right to know to whom data is disclosed; and the right to request deletion where legally permissible.

To exercise any of these rights, submit a request through the contact mechanisms provided below. We will verify your identity before processing requests to prevent unauthorized disclosure. Verification methods may include email confirmation, account authentication, or provision of identifying information. We respond to valid requests within thirty days for GDPR requests and forty-five days for CCPA requests, with possible extensions where permitted by law. There is no fee for submitting requests unless they are manifestly unfounded, excessive, or repetitive, in which case we may charge a reasonable administrative fee or refuse to act.

11. Children’s Privacy

Our Services are not directed to individuals under the age of sixteen, and we do not knowingly collect personal information from children. If we become aware that we have inadvertently collected data from a child without proper parental consent, we will take steps to delete such information promptly. Parents or guardians who believe we may have collected information from a child should contact us immediately.

12. Changes to This Privacy Policy

We reserve the right to modify this Policy at any time to reflect changes in our practices, legal requirements, or service offerings. Material changes will be communicated through prominent notice on the Platform or via email to registered users at least thirty days prior to the effective date. Your continued use of Services following notice of changes constitutes acceptance of the revised Policy. We recommend reviewing this Policy periodically to remain informed of our data practices.

13. Do Not Sell or Share My Personal Information

As stated above, we do not sell personal information as that term is defined under CCPA, nor do we share personal information for cross-context behavioral advertising. Should our practices change in the future, we will update this Policy and provide appropriate mechanisms to exercise opt-out rights.

14. Contact Information and Data Protection Officer

For questions, concerns, or requests regarding this Privacy Policy or our data practices, or to exercise any rights described herein, please contact us at:

ANX LLC
Data Controller: Leo Dahan
https://anx.digital/

For matters specifically concerning GDPR compliance, Israeli Privacy Protection Law obligations, or appointment of representatives in relevant jurisdictions, direct inquiries to the contact information published on our Platform.

We maintain a commitment to transparency in our data handling practices and to respecting the privacy rights of all individuals whose information we process. This Policy represents our good-faith effort to comply with applicable privacy laws across the multiple jurisdictions in which we operate and serve clients.