ROSS Mobile App
Privacy Policy

Effective Date: 9/20/2017

This Privacy Policy describes:

• The types of information we may collect from or about you or that you may provide when you install, register with, access or use the ROSS mobile app, and
• Our practices for collecting, using, maintaining, and disclosing that information.

Who Controls and Owns the ROSS Mobile App?

Management Science Associates, Inc. (at times, "we," "us," and/or "MSA") owns the ROSS mobile app and has granted a license for its use to FGX International Inc. ("FGXI").

What Types of Personal Data Does ROSS Contain?

When a User accesses or uses the ROSS mobile app, the types of personally identifiable information are (collectively, "Personal Data"):

• User ID
• Location (to provide you with a list of stores)
• Usage Dat.

How and Where Will Personal Data Be Processed?

Method of Processing

The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to MSA and FGXI, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of the site (administration, sales, marketing, legal, system administration) or external parties (such as third party technical service providers) appointed, if necessary, as data processors by MSA. The updated list of these parties may be requested from MSA at any time.

Place

The Data is processed at MSA's operating offices and in any other places where the parties involved with the processing are located. For further information, please contact MSA.

Why Is Personal Data Collected?

The Personal Data concerning the User is collected to allow communication between a User's mobile device and the ROSS website, as well as for the following purposes:

• Displaying content from external platforms (e.g., the ROSS website at fgxi.ross.com)
• FGXI data analysis
• FGXI personnel management
• Other FGXI uses

With Whom Will We Share Your Information?

Personal Data collected by the ROSS mobile app will be disclosed as follows:

• To the licensee, FGXI.
• To our subsidiaries and affiliates to provide support to you in connection with the ROSS mobile app.
• To contractors, service providers, and other third parties we use to support ROSS and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
• As with any other business, it is possible that in the future we could merge with or be purchased by another company. If we are acquired, the company that acquires us would have access to the information maintained by us but would continue to be bound by this Privacy Policy unless and until it is amended.

We may also disclose your Personal Data:

• To the extent that it is required by law, in legal proceedings or in the stages leading to possible legal action arising in connection with the ROSS mobile app or the related services or to establish, exercise or defend FGXI’s or our legal rights.

We do not sell, trade, or rent Personal Data other than as disclosed in this Privacy Policy.

We have implemented reasonable technical and organizational measures designed to deter unauthorized access to and use, destruction of, modification of, or disclosure of other personally identifiable information we collect via the ROSS mobile app. Regardless of the precautions taken by us, by you, or by our third party service providers, no data transmitted over the internet or any other public network can be guaranteed to be 100% secure. We cannot ensure or warrant the security of any information you transmit to us and you provide all personally identifiable information via the ROSS mobile app at your own risk.

Additional Information

The Rights of Users

Users have the right, at any time, to know whether their Personal Data has been stored and can consult MSA to learn about their contents and origin, to verify their accuracy or to ask for them to be supplemented, cancelled, updated or corrected, or for their transformation into anonymous format or to block any Data held in violation of the law, as well as to oppose their treatment for any and all legitimate reasons. Requests should be sent to MSA at the contact information set out above.

Changes to this Privacy Policy

MSA reserves the right to make changes to this Privacy Policy at any time by giving notice to ROSS mobile app Users on this page. It is strongly recommended to check this page often, referring to the date of the last modification listed at the top. If a User objects to any of the changes to the Privacy Policy, the User must cease using the ROSS mobile app and can request MSA to erase the Personal Data. Unless stated otherwise, the then-current Privacy Policy applies to all Personal Data MSA has about Users, and by continuing to use the ROSS mobile app after we make changes to this Privacy Policy, you will be affirmatively accepting those changes.

Definitions

Usage Data

When you access and use the ROSS mobile app, we may automatically collect certain details of your access to and use of the ROSS mobile app, including traffic data, logs and other communication data. We may collect information about your mobile device and internet connection, including the device’s unique device identifier, IP address, operating system, and phone type.

User

The individual using the ROSS mobile app, which must coincide with or be authorized by the data subject, to whom the Personal Data refers.