Privacy Shield Notice

Effective Date: June 15, 2026

Introduction

This Privacy Shield Notice (the “Notice”) describes Edge Delta, Inc.’s (“Edge Delta,” “we,” “our,” or “us”) approach to international data transfers and supplements our Privacy Policy and GDPR Privacy Notice.

Privacy Shield and International Data Transfers

The EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework were mechanisms previously used to facilitate transfers of personal data from the European Economic Area (“EEA”), the United Kingdom, and Switzerland to the United States.

In July 2020, the Court of Justice of the European Union issued its decision in Data Protection Commissioner v. Facebook Ireland Ltd. and Maximillian Schrems (“Schrems II”), which invalidated the European Commission’s adequacy decision supporting the EU-U.S. Privacy Shield Framework.

In July 2023, the European Commission adopted the EU-U.S. Data Privacy Framework (“DPF”), which provides a mechanism for participating organizations to receive personal data from the European Union. Similar frameworks have also been established for the United Kingdom and Switzerland.

Edge Delta is not currently certified under the EU-U.S. Data Privacy Framework (or its UK/Swiss extensions). We remain committed to protecting personal data and maintaining appropriate safeguards for international data transfers in accordance with applicable privacy and data protection laws.

International Data Transfer Safeguards

Edge Delta may process personal data in the United States and other countries where Edge Delta, its affiliates, subprocessors, or service providers operate.

Where required by applicable law, Edge Delta implements appropriate safeguards designed to protect personal data transferred internationally, including:

• Standard Contractual Clauses (“SCCs”) approved by the European Commission
• The United Kingdom International Data Transfer Addendum (“UK IDTA Addendum”), where applicable
• Contractual commitments with vendors and subprocessors regarding privacy, confidentiality, and security
• Supplementary measures identified through Transfer Impact Assessments, where appropriate
• Technical and organizational security measures designed to protect personal data during transmission, storage, and processing

Security Measures

Edge Delta maintains administrative, technical, and organizational safeguards designed to protect personal data. Edge Delta is SOC 2 Type 2 compliant, demonstrating our ongoing commitment to high standards of security, availability, processing integrity, confidentiality, and privacy.

These safeguards include:

• Encryption in transit
• Encryption at rest
• Role-based access controls
• Multi-factor authentication
• Security monitoring and logging
• Vulnerability management processes
• Incident response procedures
• Secure software development practices

No method of transmission over the internet or method of electronic storage is completely secure. While Edge Delta works to protect personal data, it cannot guarantee absolute security.

Additional Information

For additional information regarding Edge Delta’s privacy and data protection practices, please review:

• Privacy Policy
• GDPR Privacy Notice
• Subprocessor List

Contact Us

Questions regarding this Privacy Shield Notice or Edge Delta’s international data transfer practices may be directed to:

Edge Delta, Inc.

Website: https://edgedelta.com

Email: security@edgedelta.com