Security Measures SECURITY MEASURES GRANTED BY RELAYTO About RELAYTO takes security and safety seriously, protecting the confidentiality, integrity, and availability of customer data. We recognize security as a crucial aspect of our system. At RELAYTO, the latest technologies and security best practices are used to provide a secure service. This FAQ highlights various elements and answers certain security-related questions about RELAYTO. Is 2-factor authentication used by your administrative personnel for maintenance and control of your routers and firewalls? Yes Are all devices that store or process a third-party company's sensitive information protected from the Internet by a firewall? Yes. Who administers the firewalls and routers? Our CTO is responsible for network & virtual network security. Describe how Customer user authentication and authorization processes for credential adds, changes, and deletes would be managed. All are self-serviced by customer end-users or customer’s admin within the relayto.com platform. Do you support SAML version 2.0X for Single Sign-on authentication with your customers? Yes Is there a documented policy in place for hardening the operating system for web and other servers? Yes Are periodic security scans performed to determine if system vulnerabilities exist (i.e. ISS)? Yes, quarterly. Would Customer data be segregated, so that one customer cannot access another customer’s data? Yes, each customer operates within its own assigned domain. No data is shared between domains. 38 of 52