Privacy Policy

Effective as of February 10, 2026.

Last updated June 4, 2026.

This Privacy Policy describes the privacy practices of CubeWorks, Inc. (“CubeWorks,” “we,” “us” or “our”) and how we handle personal information that we collect as a controller through our website at cloud.cubeworks.io (the “Site”) and through social media, our marketing activities and other activities described in this Privacy Policy, and that we collect as a processor on behalf of our business customers through our mobile application and web-based platform (the app and platform collectively, the “Services”). As appropriate, this Privacy Policy will distinguish between our practices as a controller (which is when we process data for our own purposes) and our practices as a processor (which is when we process data on behalf of our business customers as a service provider in connection with our provision of the Services).

As part of the Services, provides temperature monitoring solutions for biopharma and food cold chain through ubiquitous IoT technology. If you have concerns regarding personal information that we process on behalf of a business, please direct your concerns to that business.

If you are located in the European Economic Area (the “EEA”) or the United Kingdom (the “UK”), please consult the Notice to European Users section below.

Index

• Personal information we collect as a Controller
• How we use your personal information as a Controller
• How we share your personal information as a Controller
• Your choices for personal information we collect as a Controller
• Other sites and services
• How long do we keep your personal information
• Security
• International data transfer
• Children
• Changes to this Privacy Policy
• How to contact us
• Personal information we collect as a Processor
• How we use your personal information as a Processor
• How we share your personal information as a Processor
• Notice to European Users

Declining to provide information. We need to collect personal information to provide certain services. If you do not provide the information we identify as required or mandatory, we may not be able to provide those services.

• Precise geolocation data when you authorize our mobile application to access your device’s location.

With your consent. In some cases, we may specifically ask for your consent to collect, use or share your personal information, such as when required by law.

Notice to European Users

Controller. CubeWorks® is the controller in respect of the processing of your personal information covered by this Privacy Policy for purposes of European data protection legislation (i.e., the EU GDPR and the so-called ‘UK GDPR’ (as and where applicable, the “GDPR”)). See the How to contact us section above for our contact details.

In respect of each of the purposes for which we use your personal information, the GDPR requires us to ensure that we have a “legal basis” for that use. Our legal bases for processing your personal information described in this Privacy Policy are listed below.

I. Personal information we collect as a Controller

When you visit our Site, create an account with us, or communicate with us, we may collect certain personal information about you for which we act as a controller. This section describes the types of personal information we may collect about you as a controller, and the ways in which we collect such information. For clarity, Section I of this Privacy Policy does not apply to information that we process on behalf of our business customers while providing the Services to them — such information is covered under Section II of this Privacy Policy.

Information you provide to us. We may collect the following types of personal information directly from you when you provide it to us through our Site:

• Contact information, such as your first and last name, email address, billing and mailing addresses, professional title and company name, and phone number.
• Account data, such as the username and password that you may set to establish an online account with us, and any other information that you add to your account profile.
• Transactional data, such as information relating to or needed to complete deliveries, including shipment numbers and transaction history, but excluding recipient data and shipment-related data that we process on behalf of our business customers. Recipient data and shipment-related data is described in further detail in Section II below.
• Payment information needed to complete transactions, including payment card information or bank account number.
• Communications that we exchange with you, including when you contact us with questions or feedback, through the Site, social media, or otherwise.
• Marketing data, such as your preferences for receiving our marketing communications, details about your engagement with them and information about how you heard about us.
• Other data not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.

Third-party sources. We may combine personal information we receive from you with personal information we obtain from other sources, such as:

• Public sources, such as government agencies, public records, social media platforms, and other publicly available sources.
• Data providers, such as information services and data licensors that provide demographic and other information.
• Marketing partners, such as joint marketing partners and event co-sponsors.
• Third-party services that you use to log into, or otherwise link to, your Service account. This data may include your username, profile picture and other information associated with your account on that third-party service that is made available to us based on your account settings on that service.

Automatic data collection. If you visit our Site or Services, we may automatically log the following types of information about you, your computer or mobile device, and your interactions over time with us:

• Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., Wi-Fi, LTE, 3G), and general location information such as city, state or geographic area.
• Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Site, navigation paths between pages or screens, information about your activity on a page or screen, access times and duration of access, and whether you have opened our marketing emails or clicked links within them.

Cookies and similar technologies. We use cookies and similar technologies (such as web beacons, pixels, tags and scripts) to improve and personalize your experience, provide our Services, analyze Site performance and for marketing purposes. To learn more about how we use cookies and your control over these cookies, please see our Cookie Notice.

How we use your personal information as a Controller

For the personal information we collect about you as a controller, we may use such personal information for the following purposes or as otherwise described at the time of collection:

Service delivery. We may use your personal information to:

• provide, operate, maintain and improve the Site, the Services and our business;
• establish and maintain your user account on the Site and Services;
• enable security features of the Site and Services, such as by sending you security codes via email or SMS, and remembering devices from which you have previously logged in;
• communicate with you about the Site and Services, including by sending announcements, updates, security alerts, and support and administrative messages;
• understand your needs and interests, and personalize your experience with the Site and Services and our communications; and
• provide support for the Site and Services, and respond to your requests, questions and feedback.
• We also send operational notifications and account-related alerts via email or SMS to users who have opted-in via our platform. Users can manage these settings in their account profile or by replying STOP.

Research and development. We may use your personal information for research and development purposes, including to analyze and improve the Site and Services and our business. As part of these activities, we may create aggregated, de-identified or anonymous data from personal information we collect. We may use this aggregated, de-identified or anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve the Site and Services and promote our business.

Marketing. We and our service providers may collect and use your personal information for direct marketing purposes. We may send you marketing communications about our products, services or promotions that may be of interest to you. You have the right to prevent direct marketing of any form at any time. You may opt-out of our marketing communications as described in the Opt-out of marketing section below.

Compliance and protection. We may use your personal information to:

• comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
• protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
• audit our internal processes for compliance with legal and contractual requirements or our internal policies;
• enforce the terms and conditions that govern the Site or Services or otherwise; and
• prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.

With your consent. In some cases, we may specifically ask for your consent to collect, use or share your personal information, such as when required by law.

Cookies and similar technologies. We may use these for the purposes outlined in the Cookie Notice.

How we share your personal information as a Controller

For the personal information we collect about you as a controller, we may share such personal information with the following parties and as otherwise described in this Privacy Policy or at the time of collection.

Affiliates. Our corporate parent, subsidiaries, and affiliates, for purposes consistent with this Privacy Policy.

Business customers. Our business customer that is using the Services.

Service providers. Third parties that provide services on our behalf or help us operate the Site and Services or our business (such as hosting, information technology, customer support, email delivery, marketing, and website analytics).

Business and marketing partners. Third parties with whom we collaborate on joint activities, with whom we have entered into joint marketing relationships or other joint ventures, or who we think may offer you products or services that you may enjoy.

Professional advisors. Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.

Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.

Business transferees. Acquirers and other relevant participants in business transactions (or negotiations and diligence for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, CubeWorks® or our affiliates (including, in connection with a bankruptcy or similar proceedings).

Your choices for personal information we collect as a Controller

For the personal information we collect about you as a controller, you have the following choices with respect to such personal information. Users who are located who are located in the United Kingdom, Switzerland, and the European Economic Area can find additional information about their rights in the Notice to European Users section above.

Access or update your information. If you have registered for an account with us, you may review and update certain account information by logging into your account.

Opt-out of marketing communications. You may opt-out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us. Please note that if you choose to opt-out of marketing-related emails, you may continue to receive service-related and other non-marketing emails.

Cookies. For information about cookies employed by the Services and how to control them, see our Cookie Notice.

Analytics Providers. We work with third party analytics service providers, such as Google Analytics, to help us better understand how people use our Site and Services. For example, we use Google Analytics to learn more about the types of users that visit our Site and to help improve our Site. To provide this service, Google Analytics may collect certain information about you from your computer, including the pages you visit, the length of your visit, information about your device (such as your IP address), and other information about you. You can learn more about Google Analytics and how it collects and processes data by visiting https://policies.google.com/technologies/partner-sites. You can opt out of Google Analytics by using the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout/, or by disabling cookies on your browser.

Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com or consult our Cookie Notice to understand how you can opt out of receiving cookies.

Declining to provide information. We need to collect personal information to provide certain services. If you do not provide the information we identify as required or mandatory, we may not be able to provide those services.

Delete your content or close your account. You can choose to delete certain content through your account. If you wish to request to close your account, please contact us.

Other sites and services

The Site and Services may contain links to third party websites, mobile applications, and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites, mobile applications or online services operated by third parties, and we are not responsible for their actions nor are they subject to this Privacy Policy. We encourage you to read the privacy policies of the other third party websites and mobile applications and online services you use.

How long do we keep your personal information

We generally retain personal information to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes. However, in some circumstances, we will retain your personal information for longer periods of time. We will retain personal information for the following purposes: (i) as long as it is necessary and relevant for our operations and to provide our Site and Services, e.g., so that we have an accurate record of your dealings with us in the event of any complaints or challenge; and (ii) to comply with applicable laws, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigation, enforce our Site terms and Services terms and take other actions as permitted by law. To determine the appropriate retention period for personal information, we may consider factors such as the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

When we no longer require the personal information we have collected about you, we may either delete it, anonymize it, or isolate it from further processing.

Security

We employ technical, organizational and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.

International data transfer

We are headquartered in the United States and may use service providers that operate in other countries. Your personal information may be transferred to the United States or other locations where privacy laws may be different from those in your state, province, or country.

Users in the UK and the EEA should read the important information provided in the Notice to European Users above about transfer of personal information outside of the EEA and UK, as applicable.

Children

Our Services are not intended for use by children under 16 years of age. If we learn that we have collected personal information through our Services from a child under 16 without the consent of the child’s parent or guardian as required by law, we will delete it. We encourage parents or guardians with concerns, or who believe that we might have personal information from or about a child under 16, to contact us.

Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on our Site. If required by law we will also provide notification of changes in another way that we believe is reasonably likely to reach you. Any modifications to this Privacy Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). We recommend that you check this Privacy Policy periodically for any updates or changes.

How to contact us

• Email: support@CubeWorks.com
• Mail: 1600 Huron Parkway, OFC 520-2364, Ann Arbor, MI 48109
• Phone: (810) 207-1514

II. Personal information we collect as a Processor

When you use our business customers’ implementation of our Services, we may collect certain personal information about you, for which we act as a processor on behalf of our business customers (who act as the controllers of such data). This section describes the types of personal information we may collect about you as a processor, and the ways in which we collect such information. Please note our use and processing of this personal information as a processor is governed by our agreements with our business customers. Our business customers may have their own privacy policies that govern the personal information collected in connection with their use of our Services, and you should consult the policies of and/or contact the applicable business customer to see how they process and share your personal information relating to the Services, including with respect to any rights you may have to such personal information. If we receive any requests to exercise such rights with respect to personal information for which we act as a processor, we are not able to directly accommodate such requests but will forward such requests to the applicable business customer (or otherwise follow the procedure we have agreed upon with the applicable business customer).

Information you provide to us. We may collect the following types of personal information directly from you (on behalf of our business customers) when you provide it through the Services or our business customer’s implementation of our Services:

• Recipient data, such as the recipient’s first and last name, email address, billing and mailing addresses, professional title and company name, and phone number.
• Shipment-related data, such as contents of the shipment.
• Other data not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.

Automatic data collection. When you use the Services, we may automatically log information about you, your computer or mobile device, and your interaction over time with the Services, such as:

• Precise geolocation data when you authorize our mobile application to access your device’s location.

How we use your personal information as a Processor

For the personal information we collect about you as a processor on our business customers’ behalf, we may use such personal information for the following purposes or as otherwise described at the time of collection:

Service delivery. We may use your personal information to:

• provide and operate the Services;
• establish and maintain your user account;
• communicate with you about the Services, including by sending announcements, updates, security alerts, and support and administrative messages; and
• provide support for the Services, and respond to your requests, questions and feedback.

Research and development. We may use your personal information for research and development purposes, including to analyze and improve the Services and our business. As part of these activities, we may create aggregated, de-identified or anonymous data from personal information we collect. We may use this aggregated, de-identified or anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve the Services.

Compliance and protection. We may use your personal information to:

• comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
• protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
• audit our internal processes for compliance with legal and contractual requirements or our internal policies;
• enforce the terms and conditions that govern the Services or otherwise; and
• prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.

With your consent. In some cases, we may specifically ask for your consent to collect, use or share your personal information, such as when required by law.

How we share your personal information as a Processor

For the personal information we collect about you as a processor on our business customers’ behalf, we may share such personal information with the following parties and as otherwise described in this Privacy Policy or at the time of collection.

Business customers. We will share your personal information with our business customer that is using the Services, and our business customers may have their own privacy policies that govern the personal information collected in connection with their use of the Services.

Service providers. Third parties that provide services on our behalf or help us operate the Services or our business (such as hosting, information technology, customer support, email delivery, or marketing).

Third parties designated by our business customers. We may share your personal information with third parties where our business customers have instructed us to do so.

Professional advisors. Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.

Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.

Business transferees. Acquirers and other relevant participants in business transactions (or negotiations and diligence for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, CubeWorks® or our affiliates (including, in connection with a bankruptcy or similar proceedings).
This privacy policy relates to CubeWorks®. This policy sets out how we use and protect any personal information provided to us.