RENAISSANT PRIVACY POLICY

Last Updated: January 1, 2026

Renaissant, Inc. (“Renaissant,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect personal information in connection with our websites, software platform, applications, and related services (collectively, the “Services”).

By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy. Where applicable law requires consent for specific processing activities (such as the collection of biometric identifiers or the use of certain cookies), we will obtain that consent separately and in the manner required by law.

  • Scope of This Policy: This Privacy Policy applies to personal information collected through the Renaissant Platform and Services; through our websites and online properties that link to this Policy; through marketing, sales, and customer support interactions. This policy does not apply to third-party websites or services that may be linked from the Services.

  • Information We Collect: We collect personal information you or your organization provide in connection with the Services, including when you: create or administer an account; register users, drivers, vehicles, or assets; communicate with us or request support; subscribe to marketing communications. Examples include: name, email address, phone number, company name, role, business contact details, personnel identifiers required for access control (such as employee IDs and, where applicable, driver’s license numbers), photographs, and credentials or authentication information. Sensitive Personal Information. Certain information we collect is considered “sensitive” under applicable privacy laws, including biometric identifiers (such as facial geometry or fingerprint templates used for identity verification) and account credentials. We collect and use this information only for the limited purposes described in this Policy, including identity verification, access control, and security, and we do not use sensitive personal information to infer characteristics about you. Biometric information is handled in accordance with our separate Biometric Information Policy, available at https://renaissant.com/biometric-policy/ or by request at privacy@renaissant.com. When you use the services, Renaissant may also automatically collect: usage data (e.g. actions taken within the platform, timestamps, feature utilizations, etc.); device and connection data (e.g. IP address, browser type, operating system, device identifiers, etc.); log and security data (e.g. access logs, audit trails, error reports, etc.). We use cookies and similar technologies to: operate and improve the Services, analyze usage and performance, and support marketing and promotional activities. You may control cookies through your browser settings and applicable opt-out tools.

  • How We Use Information: We use personal information for the following purposes:

  • Service delivery and operations: To provide, operate, and maintain the Services; to authenticate users and manage access controls; to process transactions and support requests.

  • Security, Compliance, and Integrity: To monitor, detect, and prevent fraud or misuse; to enforce agreements and policies; to comply with legal and regulatory obligations.

  • Analytics and Product Improvement: To analyze trends and usage patterns; to develop and enhance features and functionality.

  • Marketing and Communications: To send newsletters, product announcements, and promotional communications; To personalize marketing based on engagement and preferences.

You may opt out of marketing communications at any time by using the unsubscribe link in emails, or by contacting us at privacy@renaissant.com.

  • Legal Bases for Processing: Where required by applicable law, Renaissant processes personal information based on: performance of a contract; legitimate business interests (e.g. service improvement, security, etc.); consent where required for marketing or optional technologies.

  • Disclosure of Information: We may share personal information with or for:

  • Service Providers and Subprocessors: Third parties that perform service on our behalf such as: hosting, analytics, communications, and customer support.

  • Affiliates: Entities under common ownership or control with Renaissant.

  • Legal and Safety: When required by law, legal process, or to protect the rights, property, or safety of Renaissant, our customers or others.

  • Business Transactions: In connection with a merger, acquisition, financing, reorganization, or sale of assets.

  • Your Privacy Rights and Choices:

  • Access, Correction, and Deletion: You may request access to, correction of, or deletion of your personal information, subject to applicable law. To submit a request – including requests under California and Illinois privacy laws – please contact privacy@renaissant.com. We may verify your identity before fulfilling requests and will respond within the timeframes required by law. Depending on your jurisdiction, you may have the right to: (i) know or access the personal information we process about you; (ii) correct inaccurate personal information; (iii) request deletion of your personal information; (iv) receive a copy of your personal information in a portable format; (v) opt out of the sale or sharing of personal information and the processing of personal information for targeted advertising or certain profiling; (vi) limit the use and disclosure of sensitive personal information; (vii) withdraw consent where processing is based on consent; and (viii) lodge a complaint with a competent data protection authority. We will not discriminate against you for exercising these rights. If our decision on your request is not what you expected, you may appeal by replying to our response or contacting us at privacy@renaissant.com.

  • Marketing Preferences: You may opt out of marketing communications at any time as described above.

  • Data Retention: We retain personal information only for as long as reasonably necessary to: provide and improve the Services; meet legal, regulatory, or contractual obligations; and resolve disputes and enforce agreements. As a general baseline, we retain account and transactional records for seven (7) years following account termination or the end of the customer relationship, unless a shorter or longer period is required or permitted by law. Biometric information is retained only for the period described in our separate Biometric Information Policy. The specific retention periods we apply, and the criteria we use to determine them, are described in our Data Retention Policy, available upon request at privacy@renaissant.com.

  • Security: Renaissant is designed and built with security, availability, and confidentiality as foundational principles. Our platform and its internal controls are developed to align with the SOC 2 Trust Services Criteria, including controls related to security, availability, processing integrity, confidentiality, and privacy.

  • We maintain administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, or destruction. These safeguards include, but are not limited to: role-based access controls and least-privilege access; encryption of data in transit and at rest; centralized logging and monitoring; secure software development and change-management practices; vendor and infrastructure risk management; incident response and escalation procedures.

  • While we take reasonable and appropriate measures to protect personal information, no system can be guaranteed to be completely secure. You are responsible for safeguarding your accounts and credentials.

  • Renaissant does not sell personal information and does not share personal information for cross-context behavioral advertising as defined under applicable privacy laws.

  • Biometric Information: Where the Services involve the collection of biometric identifiers or biometric information (such as scans of facial geometry or fingerprint templates), Renaissant’s handling of that information is governed by our separate Biometric Information Policy, which is published in accordance with the Illinois Biometric Information Privacy Act (BIPA) and similar state laws. The Biometric Information Policy describes the purposes for which we collect biometric data, our written notice and release process, our retention and destruction schedule (not longer than three years from your last interaction with Renaissant), our prohibition on selling or profiting from biometric data, and the limited circumstances in which we may disclose it. The current Biometric Information Policy is available at https://renaissant.com/biometric-policy/ or by request at privacy@renaissant.com.

  • Children’s Privacy: The Services are intended for business users and are not directed to children under the age of 16. We do not knowingly collect personal information from children under 16 (or under 13 for purposes of the U.S. Children’s Online Privacy Protection Act). If we become aware that we have inadvertently collected personal information from a child without appropriate consent, we will take steps to delete it. If you believe a child has provided personal information to us, please contact privacy@renaissant.com.

  • Cookies and Tracking Technologies: We use cookies, pixels, local storage, and similar technologies in the following categories: (i) strictly necessary cookies, which are required to operate the Services and cannot be disabled; (ii) functional cookies, which remember your preferences and settings; (iii) analytics cookies, which help us understand how the Services are used; and (iv) marketing cookies, which support promotional activities. Where required by law, we will obtain your consent before placing non-essential cookies through a cookie banner or similar mechanism. You may manage your cookie preferences at any time through our cookie settings link, your browser settings, or applicable industry opt-out tools.

  • Do Not Track and Global Privacy Control: Some browsers transmit “Do Not Track” (DNT) signals. Because there is no industry consensus on how to respond to DNT signals, the Services do not currently respond to them. Where required by applicable law (including under the California Consumer Privacy Act), we honor recognized opt-out preference signals such as the Global Privacy Control (GPC) as a valid request to opt out of the sale or sharing of personal information and the processing of personal information for targeted advertising.

  • Automated Decision-Making and Profiling: Renaissant does not use personal information to make decisions about you that produce legal or similarly significant effects without meaningful human involvement. If this changes, we will update this Policy and, where required by law, provide additional information about the logic involved and your right to request human review.

  • Artificial Intelligence and Machine Learning: Renaissant does not use customer personal information to train third-party generative AI or large language models. We may use aggregated or de-identified data to improve the Services, including internal machine learning features such as analytics and anomaly detection, in a manner that does not identify any individual.

  • Data Breach Notification: In the event of a security incident affecting personal information, Renaissant will notify affected individuals, customers, and regulators as required by applicable law, including within the timeframes specified by such laws. Customers will be notified in accordance with their applicable agreements with Renaissant.

  • Notice for U.S. State Residents: If you are a resident of California, Colorado, Connecticut, Virginia, Utah, Texas, Oregon, or another U.S. state with a comprehensive consumer privacy law, you may have additional rights as described in the “Your Privacy Rights and Choices” section above. We do not sell personal information or share it for cross-context behavioral advertising or targeted advertising as those terms are defined under such laws. Categories of personal information we collect, the purposes for which we use them, and the categories of recipients are described in the “Information We Collect,” “How We Use Information,” and “Disclosure of Information” sections above. To exercise your rights, including the right to opt out of any sale or sharing, contact privacy@renaissant.com or use the “Do Not Sell or Share My Personal Information” link on our website where available. Authorized agents may submit requests on your behalf with proof of authority.

  • Notice for EEA, UK, and Swiss Residents: If you are located in the European Economic Area, United Kingdom, or Switzerland, you have the rights described in the “Your Privacy Rights and Choices” section above under the EU and UK General Data Protection Regulations and the Swiss Federal Act on Data Protection. You also have the right to lodge a complaint with your local data protection authority. Where Renaissant acts as a data controller, our legal bases for processing are described in the “Legal Bases for Processing” section. Where Renaissant processes personal information on behalf of a customer, the customer is the controller and you should direct your rights requests to that customer; we will assist the customer as required by law.

  • International Data Transfers: Your information may be processed and stored in the United States and other jurisdictions where Renaissant or its service providers operate. We use appropriate safeguards for cross-border data transfers as required by law.

  • Third-Party Links: The services may contain links to third-party websites or services. We are not responsible for the privacy practices of those third-parties.

  • Changes to This Privacy Policy: We may update this Privacy Policy from time to time to reflect legal, technical, or business changes. The most up-to-date Policy can be found at https://renaissant.com/privacy/. If we make material changes, we will update Renaissant’s website and may provide a notice through the Services or other appropriate means. The “Last Updated” above indicates when this Policy was last updated.

  • Contact Us: If you have questions, concerns, or requests regarding this Privacy Policy, please contact us at privacy@renaissant.com, or by mail at: Renaissant, Inc., Attn: Privacy, W263N6209 Ridge Dr., Sussex, WI 53089, USA.