Privacy Policy

Statement Regarding Information Privacy and Data Security

AOC Solutions Inc. (AOC) is committed to protecting the privacy of information supplied by users of AOC services. In the course of providing AOC’s suite of products and services, we need to collect and maintain certain user information which may include nonpublic information.

This statement discloses the privacy practices for AOC and informs you about:

• what organization is collecting the information;
• what information is collected and from whom;
• how to correct, update or delete the information that AOC collects;
• how the information is used and disclosed to third parties; and
• what kind of security procedures are in place to protect the loss, misuse or alteration of information under the company’s control.

General

AOC provides commercial card management, reporting and AP payment applications and services via internet-based technology. Our mailing address is 14151 Newbrook Dr., Suite 200, Chantilly, VA 20151, our telephone number is 703- 234-6300 and our website can be found at www.aocsolutions.com where you can learn more about or company. Our services and use of this website are not intended for use by anyone under the age of 18 and AOC will not knowingly solicit or collect information from users under that age.

Our services are used to facilitate the management and reporting of card based financial transactions between Buyers and Sellers. The majority of our users typically are placed in one of the following categories, and collectively these are called the “System Users”:

1. Public and Private sectors clients and their authorized personnel (End Users); or

2. Financial Institutions who are providing the application through a licensing or contractual agreement to you. In order to facilitate the usage of our application by End Users and Financial Issuers, some information is required to be obtained to allow access to the system, User IDs and profiles, transaction details and other similar information must be collected from the System Users and stored and shared between the parties.

Information Collection

AOC directly collects and stores a wide variety of information for both End Users and the card issuing financial institutions, including but not limited to organization and individual-user profile data (name, mailing address, email address, phone numbers, etc.), payment or financial account information (credit card account numbers, bank accountinformation, etc.), and line item details for the goods and services that are bought and sold. Our servers automatically collect information about which sites users visit and which pages are viewed within the AOC website.

The only Personally Identifiable Information (PII) that we directly collect is information that you voluntarily provide to AOC via your financial issuer. If you supply AOC with personal information we will use that information to authenticate you, to contact you, or so that we can:

• Provide you access to the application and your card based transactional data,
• Provide you with information and /or reports you have requested, or
• Sending you other information that you have requested via extracts, reports or custom files

In the event where PII is directly collected by AOC, (a) the user will have the choice over what information to submit and (b) it will be limited to the minimum amount of information needed to provide the services that have been requested.

Some PII that is directly collected by AOC may be edited or changed by the System User through the user’s own maintenance of their profile and transaction information.OC Privacy Statement Page 2 of 2 Revised April, 2010

Information Use and Disclosure

AOC may, on occasion, share general information with its relationship partners. AOC may disclose information between System Users, or to AOC affiliates or vendors. In some cases, this may require PII to be sent to other countries and, by providing your information; you consent to your information being transferred across national borders.

Such disclosed PII shall be created and disclosed under strict conditions designed to safeguard the security and privacy of the PII. AOC policies limit access to personal user information that is collected to our employees and agents and the employees and/or agents of our affiliates and business partners who need the information to fulfill our obligations to you and their business responsibilities. Vendors and other outside contractors we engage are subject to AOC’s contractual requirements for safeguarding sensitive information.

Employees and others with duties related to providing AOC services receive annual training about privacy policies and AOC security procedures and are subject to non-disclosure and employee agreements which specify remedies up to and including termination if they fail to comply with such policies.

From time to time, however, AOC may disclose this PII to fulfill legal or regulatory obligations or if we determine such disclosure is legally advisable or necessary to protect our rights, the rights of others, or to prevent harm. In addition, we may aggregate data about users of our site and use it for analytical purposes.

Use of Cookies

AOC makes use of a web browser technology called a “cookie”. The purpose of the cookie is to store session variables (information about a user and their transaction) while moving from page to page within the software applications, to enable user-preferences to be recorded, or to gather use information to enable us to improve the design or usability of the website.

Most cookies are stored in Random Access Memory and are deleted when exiting the applications. If the cookie feature is disabled on the user's browser, the user will not be able to use the software properly.

External Internet Sites/Third Parties

Third party external sites may be reached or linked to through AOC’s systems. Such sites may have their own Privacy

Statements or Terms of Use and these terms from AOC do not apply. You are responsible for reviewing and accepting third-party terms. AOC specifically disclaims any responsibility for the content available on such sites or actions or events resulting from such interaction. Any access to other Internet sites is done solely at your own discretion and risk.

Data Security Measures

Protecting the confidentiality and integrity of our user’s data is important to us. AOC maintains compliance with the PCI(Payment Card Industry) Data Security Standard and has enacted certain security methods and protocols that employ valid user identities, passwords, digital certificates; encryption, firewalls, and other measures that we believe meet or exceed the best in the industry. However, AOC does not represent and you acknowledge and agree that no system is 100% guaranteed to be secure from attack or other compromise.

Applicability

This privacy policy does not apply to information we collect through other methods or sources, including sites owned or operated by our affiliates, vendors or partners.