CASL Policy

Canada’s Anti-Spam Legislation (CASL)

AM Lead Magnets and/or its related corporations (collectively “AM LEAD MAGNETS”)

Policy Statement

This document sets forth the policy of AM LEAD MAGNETS and is designed to provide reasonable assurance that (i) a consistent process is followed with respect to the dissemination of commercial electronic messages to AM LEAD MAGNETS clients and prospective clients in Canada, and (ii) AM LEAD MAGNETS employees sending commercial electronic messages from and/or to a computer system(s) in Canada comply with the requirements of CASL.

The AM LEAD MAGNETS Anti-Spam Policy (“ Anti-Spam Policy ”) and related procedures (the “CASL Procedures”) require that all AM LEAD MAGNETS employees sending CEMs from and/or to a computer system(s) in Canada or to an electronic address that will be accessed from a computer system in Canada comply with CASL, and seeks to ensure that all CEMs sent by or on behalf of AM LEAD MAGNETS, or using a AM LEAD MAGNETS email address or using a device owned or provided by AM LEAD MAGNETS, comply with CASL.

Policy Details

The Anti-Spam Policy describes AM LEAD MAGNETS’s commitments relating to the provisions of CASL and electronic messages of a commercial nature sent to AM LEAD MAGNETS clients, prospective clients, and others, as applicable. From time to time, AM LEAD MAGNETS may implement additional policies, procedures and/or practices as it relates to anti-spam measures.

Application

This Policy applies to AM LEAD MAGNETS employees who may be sending CEMs from and/or to a computer system(s) in Canada or to an electronic address that will be accessed from a computer system in Canada. With respect to AM LEAD MAGNETS’s operations, the Anti-Spam Policy has been adopted in compliance with the requirements of CASL, and AM LEAD MAGNETS is committed to complying with CASL. All other AM LEAD MAGNETS policies and procedures will be interpreted in a manner that is consistent with the Anti-Spam Policy and that promotes compliance with CASL to seek to deter damaging and deceptive forms of spam from occurring in Canada.

Consent

AM LEAD MAGNETS obtains express, opt-in consent, unless a verifiable basis for implied consent or an exception to consent exists, before sending a CEM to anyone who has not had an existing business relationship with AM LEAD MAGNETS within two years before the date on which the CEM is sent. Unless a valid documented basis for implied consent or an exception to consent exists, AM LEAD MAGNETS also obtains express, opt-in consent for the sending of CEMs to AM LEAD MAGNETS prospects.

The request for consent cannot be in an electronic message unless there exists a basis for implied consent to send the message. The request for consent must be sought separately within a communication (e.g. through a separate action such as affirmatively checking a checkbox) and cannot be bundled as a term of acceptance of an agreement. A verbal consent is acceptable where a record of the details of the consent is maintained in a database.

Form and Content of CEMs

All CEMs are required to comply with the form and content requirements of CASL, generally described as follows:

· identifies the sender;

· the sender’s mailing address;

· the sender’s telephone number or email address or link to a webpage; and

· an unsubscribe mechanism or withdrawal of consent from receiving CEMs from AM LEAD MAGNETS and its subsidiaries and affiliates.

AM LEAD MAGNETS takes steps to require that any third-party service provider who sends CEMs on behalf of AM LEAD MAGNETS complies with CASL.

Storage of Relationship Details

A key component of complying with CASL involves maintaining records of AM LEAD MAGNETS’s relationships with clients and prospective clients.

Each business unit of AM LEAD MAGNETS is required to create and maintain in the business unit’s Client Relationship Management (CRM) system (including, but not limited to, Benchmark, Salesforce), verifiable records documenting the relationships giving rise to implied consent, and verifiable records of express, opt-in consents obtained from AM LEAD MAGNETS clients and prospective clients. “Clients ” are defined as those organizations or individuals who have at least one open account or a contractual relationship with AM LEAD MAGNETS at the relevant time. Organizations or individuals who have closed their last remaining account or terminated their contract with AM LEAD MAGNETS are not considered AM LEAD MAGNETS clients for purposes of this Policy.

Implied consent or express, opt-in consent is obtained in accordance with the CASL Procedures and recorded in the applicable CRM system in order to track the client and prospect relationships.

Records of express, opt-in consent and records documenting the relationships giving rise to implied consent are retained for a minimum of three years after AM LEAD MAGNETS ceases sending CEMs to the AM LEAD MAGNETS client or prospect.

Commercial Electronic Messages

All AM LEAD MAGNETS employees sending CEMs from and/or to a computer system(s) in Canada are required to comply with this Policy and related CASL procedures and processes.

A “CEM” is defined as an electronic message that includes content (for instance, text, hyperlinks, images or attachments) that:

a. promotes, offers or advertises AM LEAD MAGNETS or AM LEAD MAGNETS’s products or services, or employees, or contacts.

b. solicits business for AM LEAD MAGNETS or AM LEAD MAGNETS’s employees or contacts.

c. any other similar message that encourages participation in commercial activity.

Examples include promotional event invitations (e.g., webcasts or AM LEAD MAGNETS events), marketing newsletters, etc.

The following messages do not have to comply with the requirements applicable to CEMs:

· messages sent to AM LEAD MAGNETS clients about their business;

· internal communications about AM LEAD MAGNETS’s business (including communications with AM LEAD MAGNETS offices outside Canada);

· legally required notices, such as messages that are sent to comply with a regulatory requirement (e.g., material changes, required account activity information, etc.).

· responses to requests, inquiries or complaints.

Messages that AM LEAD MAGNETS employees email each other internally using a device that AM LEAD MAGNETS owns or provides, or using a AM LEAD MAGNETS email address, should be related to AM LEAD MAGNETS. AM LEAD MAGNETS employees may not internally email each other offers, promotions, advertisements, or referrals unrelated to AM LEAD MAGNETS business without the internal recipient’s verbal consent.

Compliance by Third Parties

All third-party contracts with service providers who may send CEMs on behalf of AM LEAD MAGNETS must contain contractual clauses obligating the service provider to comply with CASL including the form and content requirements of CEMs.

Unsubscribe Mechanism

CEMs that are not exempt from requirements applicable to CEMs noted above are required to include a form of unsubscribe mechanism to facilitate the withdrawal of consent or do-not-contact requests within a period of time and in a manner that would allow AM LEAD MAGNETS to process that request within 10 days of the date on which the unsubscribe, withdrawal of consent or do-not-contact request was made. This information should be maintained in the applicable database that tracks the client and prospect relationships.

All emails sent by employees will be compliant with CASL and will include the option to ‘unsubscribe’. You can ‘unsubscribe’ from our Commercial Electronic Messages at any time by visiting or by emailing info@am-leadmagnets.com ‘Unsubscribe’ in the subject line.

Policy Administration

The Anti-Spam Policy is maintained by the Compliance department of each SecMY IT legal entity and will be reviewed and updated, where necessary, and approved on an annual basis. Any changes to, or exceptions from this Policy require the approval of the respective SecMY IT Board or equivalent.

Review and Approvals

SecMy IT Compliance is responsible for review and revision of this Policy, subject to approval of the respective SecMyIT Board or equivalent. This Policy is subject to review on an annual basis, or otherwise as needed.

Enforcement and Audit

Compliance with this Policy, and any related procedure, may be reviewed by SecMY IT at any time. Failure to comply with this Policy, as well as any associated procedures, may result in disciplinary action in accordance with the applicable Global Human Resources Disciplinary policy or procedure.