Anti-Spam Policy

1. Our Commitment to Anti-Spam

Adstorm LLC ("Company," "we," "us," or "our") is committed to responsible, consent-based email and electronic communications practices. We do not send unsolicited commercial messages and do not tolerate the use of our Services, platforms, or infrastructure to send spam. This commitment is not merely a legal obligation - it reflects our core values as a digital marketing company and our belief that effective marketing is built on genuine consent, relevance, and respect for recipients' preferences and privacy.

This Anti-Spam Policy ("Policy") applies to all electronic commercial communications sent by or on behalf of Adstorm LLC, and governs the conduct of our staff, contractors, and any users or clients who communicate using our tools, platforms, or services. This Policy is incorporated by reference into our Terms and Conditions and forms part of the binding agreement between you and Adstorm LLC. Capitalized terms not defined in this Policy have the meanings given in our Terms and Conditions.

2. Definition of Spam

For the purposes of this Policy, "spam" means any unsolicited, bulk, or indiscriminate commercial electronic message sent to recipients who have not given clear, informed, and specific consent to receive such communications, or who have withdrawn consent. Spam includes, but is not limited to:

• Unsolicited commercial email (UCE) sent in bulk to individuals who did not opt in to receive it;
• Email sent to purchased, rented, or harvested mailing lists where recipients did not specifically consent to receive messages from the sender;
• Repeated electronic messages sent to individuals who have previously unsubscribed or otherwise indicated they do not wish to receive communications;
• Messages sent with false or misleading header information, including spoofed "From" addresses or falsified routing data;
• Messages with subject lines or preview text that is deceptive, misleading, or does not accurately reflect the content of the message;
• Messages that contain no functioning unsubscribe mechanism or that make unsubscribing unreasonably difficult;
• SMS, push notifications, or other electronic communications sent without required consents; and
• Messages sent using automated or semi-automated tools (including bots) to harvest contact information and initiate contact without consent.

3. CAN-SPAM Act Compliance (United States)

All commercial email communications sent by Adstorm LLC to recipients in the United States comply with the requirements of the CAN-SPAM Act of 2003 and any subsequent amendments. Specifically:

3.1 Accurate Header Information

All emails sent by or on behalf of Adstorm LLC accurately identify the originating sender. The "From," "To," "Reply-To," and routing information in all messages accurately and truthfully identify the person or business that initiated the message. We do not use deceptive or misleading header information, and we do not use third-party domain names without authorization.

3.2 Non-Deceptive Subject Lines

Subject lines accurately reflect the content of each email. We do not use subject lines that are deceptive, misleading, or that falsely suggest the content is a personal message, an urgent alert, a reply to a prior message, or anything other than what it actually is.

3.3 Identification as Commercial Messages

All promotional and marketing emails are clearly identified as commercial messages. Where required, we include a clear statement that the message is an advertisement or promotional communication.

3.4 Physical Postal Address

All commercial email messages sent by Adstorm LLC include our valid physical mailing address: Adstorm LLC, Shams Media City FZ, Al Messaned, UAE.

3.5 Opt-Out Mechanism

Every commercial email we send includes a clear, conspicuous, and functional mechanism for recipients to opt out of receiving future messages. Opt-out requests are processed promptly - no later than ten (10) business days after receipt. Once an unsubscribe request is processed, we do not send further commercial messages to that address. We do not require recipients to pay a fee, provide information beyond their email address, or take any step other than clicking an unsubscribe link or sending a reply to opt out.

3.6 No Selling or Transfer of Opted-Out Addresses

Email addresses that have opted out of our communications are placed on a suppression list and are never sold, transferred, or shared with third parties for marketing purposes.

3.7 Monitoring of Third-Party Senders

Where Adstorm LLC engages third-party email service providers or marketing partners to send email on its behalf, we contractually require those parties to comply with the CAN-SPAM Act and this Policy, and we monitor their compliance.

4. GDPR Consent Requirements (European Union / EEA)

For recipients located in the European Union, European Economic Area, or other jurisdictions where the General Data Protection Regulation (GDPR) or equivalent legislation applies, Adstorm LLC applies the following heightened standards for electronic marketing communications.

4.1 Lawful Basis for Processing

We only send marketing communications to EU/EEA recipients where we have a valid lawful basis for processing under Article 6 of the GDPR. For direct marketing, this lawful basis is ordinarily freely given, specific, informed, and unambiguous consent (Article 6(1)(a)). In limited circumstances, we may rely on legitimate interests (Article 6(1)(f)) where we have conducted and documented a legitimate interests assessment confirming that our interests are not overridden by the rights and interests of the recipient.

4.2 Consent Requirements

Consent obtained from EU/EEA residents for marketing communications meets all of the following requirements:

• Freely given: Consent is not bundled with other terms and conditions, and is not made a condition of accessing a service or receiving a benefit;
• Specific: Consent is obtained separately for each distinct processing purpose, including separate consent for different categories of marketing communications;
• Informed: At the time consent is obtained, we clearly disclose who is collecting the data, what it will be used for, and how it may be shared;
• Unambiguous: Consent is expressed through a clear affirmative action (an active opt-in) and is never inferred from silence, pre-ticked boxes, or inactivity; and
• Documented: We maintain records of all consent, including the timestamp, the mechanism through which consent was given, and the specific consent language presented.

4.3 Right to Withdraw Consent

Recipients may withdraw their consent to receive marketing communications at any time, with immediate effect, by using the unsubscribe link in any email, by contacting us at privacy@adstorm.agency, or by updating their communication preferences where available. Withdrawal of consent does not affect the lawfulness of processing that took place before withdrawal.

4.4 Data Subject Rights

Recipients who are EU/EEA residents retain all rights afforded under the GDPR, including the right to access, rectification, erasure, restriction of processing, data portability, and the right to object. Requests to exercise these rights may be submitted to privacy@adstorm.agency and will be responded to within the statutory timeframes.

5. CASL Compliance (Canada)

Canada's Anti-Spam Legislation (CASL) imposes strict requirements for commercial electronic messages sent to Canadian recipients. Adstorm LLC complies with CASL as follows:

5.1 Express or Implied Consent

We only send commercial electronic messages to Canadian recipients where we have either: (a) express consent - the recipient has clearly and actively agreed to receive messages from us, with full knowledge of who is sending and what types of messages will be sent; or (b) implied consent - the recipient has an existing business relationship with Adstorm LLC within the timeframes permitted by CASL (24 months from the most recent purchase or interaction, or 6 months following an inquiry or application).

5.2 Identification Requirements

All commercial electronic messages sent to Canadian recipients include: (a) the name and contact information of Adstorm LLC as the sender; (b) a mailing address for Adstorm LLC; and (c) a functioning unsubscribe mechanism that remains active for at least sixty (60) days after the message is sent.

5.3 Unsubscribe Processing

Unsubscribe requests from Canadian recipients are processed within ten (10) business days of receipt, which is within the requirement under CASL. After processing, we do not send further commercial messages to the recipient's address.

5.4 Consent Records

We maintain records of express and implied consent for Canadian recipients, including the method and date of consent, the consent language used, and evidence of the existing business relationship where implied consent is relied upon.

6. PECR Compliance (United Kingdom)

The Privacy and Electronic Communications Regulations (PECR) govern direct marketing communications to recipients in the United Kingdom. Adstorm LLC complies with PECR as follows:

6.1 Email and SMS Marketing to Individuals

We only send marketing emails or SMS messages to individual subscribers in the UK where the recipient: (a) has specifically consented to receive such messages from Adstorm LLC or the relevant brand; or (b) is an existing customer who has purchased similar products or services from us, has not opted out, and was given a clear opportunity to opt out when their details were collected and in each subsequent communication (the "soft opt-in" exception).

6.2 Corporate Subscribers

For marketing to corporate entities (companies, partnerships, and limited liability partnerships) in the UK, we ensure that our communications are relevant to the recipient's business activities and that we provide a functioning opt-out mechanism in every message.

6.3 Cookies and Tracking

Our use of cookies, tracking pixels, and similar technologies on our UK-facing websites complies with PECR and the UK GDPR, including obtaining appropriate consent for non-essential cookies. Full details of our cookie practices are set out in our Privacy Policy and Cookie Policy.

6.4 ICO Registration

Where required, Adstorm LLC maintains appropriate registrations with the Information Commissioner's Office (ICO) in connection with processing personal data of UK residents.

7. Opt-In Requirements and Best Practices

7.1 Double Opt-In (Preferred Standard)

Adstorm LLC's preferred and recommended standard for consent is a confirmed double opt-in process. Under this process: (a) a prospective subscriber submits their email address through a sign-up form; (b) a confirmation email is sent to that address containing a unique verification link; and (c) the subscriber is only added to our active mailing list after clicking the confirmation link. Double opt-in provides strong evidence of consent, reduces bounce rates, and ensures the accuracy of subscriber data. Where technically feasible, we implement double opt-in on all new subscriber sign-up flows.

7.2 Single Opt-In Standards

Where single opt-in is used, all of the following requirements must be met: (a) the sign-up form must clearly state what the subscriber is signing up to receive; (b) the form must identify Adstorm LLC and the relevant brand by name; (c) a pre-checked checkbox may not be used as the consent mechanism; (d) a confirmation or welcome email must be sent immediately to verify the address; and (e) a record of the IP address, timestamp, and consent language must be retained.

7.3 Transparency at Point of Collection

At every point where we collect contact information for marketing purposes, we clearly and conspicuously disclose: (a) the identity of the organization collecting the data; (b) the types of communications the subscriber will receive; (c) the frequency of communications (where known); (d) how the subscriber can unsubscribe; and (e) a link to our Privacy Policy.

7.4 Preference Management

Where we operate multi-category communications programs, we provide subscribers with tools to manage their preferences, including the ability to select specific categories of communications they wish to receive, rather than requiring a full unsubscribe as the only option.

8. Unsubscribe Mechanisms

Adstorm LLC maintains robust and reliable unsubscribe mechanisms in all commercial electronic communications:

• Every marketing email contains a clearly labeled unsubscribe link, positioned prominently in the email body or footer;
• The unsubscribe link directs to a functional landing page that processes the unsubscribe request without requiring login, password entry, or additional personal information;
• Unsubscribe requests are processed no later than ten (10) business days after receipt (or shorter where required by applicable law);
• Unsubscribed addresses are added to a suppression list and are not mailed again for marketing purposes;
• Suppression lists are maintained indefinitely and are checked against all new outbound campaigns before sending;
• Unsubscribed addresses are never removed from our suppression list without explicit re-consent from the individual; and
• Recipients may also unsubscribe by emailing privacy@adstorm.agency with the subject line "Unsubscribe," and their request will be processed within the applicable timeframe.

Note: Transactional emails (such as purchase receipts, account notifications, password resets, and service-related communications) are not subject to the same opt-out requirements as marketing communications. However, we aim to keep all communications relevant and minimal.

9. Third-Party Lists - Prohibition

Adstorm LLC maintains a strict prohibition on the use of third-party purchased, rented, or scraped mailing lists for marketing communications. This prohibition applies to:

• Email lists purchased from data brokers or list vendors;
• Lists of addresses harvested from public websites, social media platforms, or directories without the express consent of the individuals listed;
• Lists obtained through data leaks, breaches, or other unauthorized means;
• Lists shared by affiliates or partners where the provenance and quality of consent cannot be independently verified; and
• Any list where the individuals on the list did not specifically and knowingly consent to receive commercial communications from Adstorm LLC or the specific brand under which the communication is sent.

Where we engage with affiliate partners, co-registration campaigns, or lead generation programs, we require contractual assurances and conduct due diligence to verify that any contacts provided to us have given appropriate consent and are compliant with applicable anti-spam laws. We reserve the right to audit partners' consent practices and to terminate relationships where compliance cannot be verified.

10. Employee and Contractor Obligations

All employees, contractors, consultants, and other personnel who send electronic communications on behalf of Adstorm LLC or manage communications programs are required to:

• Read, understand, and comply with this Anti-Spam Policy;
• Complete training on applicable anti-spam laws and best practices as required by the Company;
• Obtain explicit approval from management before initiating any new outbound marketing campaign or changing the scope of an existing campaign;
• Never send commercial electronic messages from personal email accounts or personal devices on behalf of Adstorm LLC;
• Never add email addresses to Adstorm LLC's mailing lists unless those individuals have provided appropriate consent through an authorized channel;
• Report any suspected spam complaints, deliverability issues, or potential policy violations to management promptly;
• Maintain records of consent in accordance with Company procedures; and
• Comply with all applicable anti-spam laws in any jurisdiction where they are conducting communications activities.

Violations of this Policy by employees or contractors may result in disciplinary action up to and including termination of employment or contract.

11. Monitoring and Enforcement

Adstorm LLC actively monitors its email programs to detect and prevent spam and non-compliant communications. Our monitoring activities include:

• Tracking of spam complaint rates, bounce rates, and unsubscribe rates across all campaigns, with action taken when metrics exceed acceptable thresholds;
• Regular audits of consent records, subscriber lists, and sign-up flow compliance;
• Review of email content before deployment to ensure compliance with this Policy and applicable laws;
• Monitoring of email sending infrastructure to detect unauthorized use or abuse;
• Reviewing feedback loops provided by major email providers (such as Gmail, Microsoft, and Yahoo) to identify and suppress addresses that mark our messages as spam; and
• Periodic review of this Policy and updates to reflect changes in applicable law, industry best practices, and our business activities.

Where we identify non-compliant communications, we will take prompt corrective action, including ceasing the relevant campaign, notifying affected recipients, and reviewing and remedying the root cause.

12. Reporting Spam

If you believe you have received an unsolicited or non-compliant commercial message purportedly from Adstorm LLC or any brand operated by us, we want to know. Please report it to us at:

Email: privacy@adstorm.agency

When reporting, please include:

• The email address at which you received the message;
• The full text of the message, including the email headers (if available);
• The date and time you received the message; and
• A description of why you believe the message was unsolicited or non-compliant.

We investigate all reports promptly. If the message was sent by or on behalf of Adstorm LLC in error or without proper consent, we will unsubscribe you immediately, investigate the cause, and take appropriate corrective action. If the message appears to be from a party impersonating Adstorm LLC, we will investigate and take appropriate steps to stop the impersonation.

You may also report spam to the relevant national authorities, including the FTC (United States), ICO (United Kingdom), CRTC (Canada), or your national data protection authority, depending on your jurisdiction.

13. Consequences of Violation

Users or clients who use Adstorm LLC's Services, infrastructure, or branding to send spam or to engage in conduct that violates this Policy will face consequences up to and including:

• Immediate suspension or permanent termination of access to all Services;
• Termination of any consulting or service agreement with immediate effect, with Adstorm LLC retaining the right to payment for work already performed;
• Civil claims for damages caused to Adstorm LLC's reputation, deliverability infrastructure, or business operations resulting from the violation;
• Reporting of the violation to relevant law enforcement or regulatory bodies, including the FTC, ICO, CRTC, or other anti-spam authorities; and
• Cooperation with any investigation or enforcement action by regulatory authorities.

Anti-spam violations can result in substantial regulatory fines under applicable law (up to USD $50,120 per email under CAN-SPAM, up to EUR 20 million or 4% of global annual turnover under GDPR, and up to CAD $10 million per violation under CASL). Adstorm LLC will seek full indemnification from any user or client whose actions expose the Company to regulatory liability.

14. Modifications to This Policy

Adstorm LLC reserves the right to modify this Anti-Spam Policy at any time to reflect changes in applicable law, regulatory guidance, industry best practices, or our business practices. When we make material changes, we will update the "Last updated" date at the top of this page and, where practicable, notify active users and clients by email or through the Services. Your continued use of the Services after any such modification constitutes your acceptance of the updated Policy.

15. Contact

For questions about this Anti-Spam Policy, to exercise your communication preferences or data rights, or to report a suspected spam violation, please contact our privacy team:

For general enquiries: hello@adstorm.agency

We aim to respond to all privacy and anti-spam enquiries within five (5) business days.