PRIVACY POLICY

Last updated May 2024

PRIVACY POLICY AS UPDATED ON _____________
We respect your privacy and are committed to protecting your Personal Information. This Privacy Policy (the “Policy”) outlines how _____________ (“Company” or "us" or "we" or "our") and its affiliates collect, use, store, process, transfer, and disclose your information through our gaming application “Lucky Road” (“App”). This Policy applies to your interactions with and usage of our App, which facilitates immersive gaming experience and competitive interactions among players. By reviewing this Policy, you will gain a comprehensive understanding of your privacy rights and choices.
Your access to or utilization of our App operated by the Company linked to this Policy implies your agreement to be governed by this Policy. By providing us with your Personal Information, you expressly consent to the use and disclosure of your Personal Information as outlined in this Policy. This Policy, along with the Terms of Service, is applicable to your use of the Services and you explicitly agree and acknowledge to read the Privacy Policy in conjunction with the Terms of Service.
The term “Personal Information” shall mean any information that relates to an identified or identifiable individual, and can include information that you provide to us and that we collect about you, such as when you engage with our App (e.g. device information, IP address, location etc.).
By utilizing the App, or furnishing your Personal Information, you explicitly agree and acknowledge that you accept the terms delineated in this Policy. The terms 'you' or 'your' in the context of this Policy collectively pertain to any individual utilizing our App, whether for personal use or on behalf of others.
By visiting the App or providing your information, you expressly agree to be bound by this Privacy Policy and agree to be governed by the privacy laws of the United States including but not limited to the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other relevant regulations governing data protection and privacy, as mentioned in this Policy.
IF YOU DO NOT CONSENT TO THE COLLECTION, USE, AND DISCLOSURE OF YOUR PERSONAL INFORMATION AS SET FORTH IN THIS PRIVACY POLICY, PLEASE REFRAIN FROM ACCESSING AND/OR USING OUR APP.
1. TO WHOM DOES THIS POLICY APPLY?
1.1. This Policy is inclusive and applies to all Users of our App, irrespective of their browsing intent or their extent of utilizing the App.
1.2. The applicability of this Policy extends to Users regardless of the device type used for accessing our App, whether it be a laptop/desktop or a mobile/tablet device.
1.3. We do not knowingly collect or solicit Personal Information from anyone under the age of eighteen (18) or knowingly allow such persons to access and/or use the App. If you are under the age of eighteen (18), please do not attempt to access the App or send any information about yourself to us. No one under the age of eighteen (18) may provide any Personal Information to us.
2. WHAT IS THE INFORMATION THAT WE COLLECT FROM YOU?
2.1. To access and utilize the App, you must download the App from the official app store compatible with your mobile device (e.g., Apple App Store for iOS devices).
2.2. Upon installing the App, you may initiate the game and compete with other Users to achieve the highest score to become eligible for cash prizes offered by us. Subject to Clause 3 of our Terms of Service, you may be required to provide certain information such as full name, email address, and contact number (“Contact Information”).
2.3 To claim the prize you are further required to perform the following:
2.3.1. Identification information: Provide a government-issued photo identity proof such as a passport, driving license, etc. to verify your identity and age before transferring the cash prize.
2.3.2. Residential Information: Provide residential information such as your locality and city of residence to facilitate us to arrange a photographer in your locality in accordance with Clause 6 of our Terms of Service
2.2.3. PayPal Information: Provide your PayPal full name, username, email address, and phone number to request and claim the cash prize.
2.3.4. Photograph information: Based on the Residential Information provided, you will need to meet with the designated photographer in your locality who will take a picture of you with a large check displaying your first name, initial of the last name, and the amount of the cash prize (in USD).
2.4. Certain added information is collected from you when you use and/or access our App. This includes but is not limited to the following:
2.4.1. Additional Information: It includes without limitation, when you communicate with us, invite your friends to play and/or geolocation, or share your feedback with us by rating your gaming experience within the App;
2.4.2. Communication with us: This can include any communication that you send to us, including email communications for availing cash prizes or for any inquiries, technical support, etc;
2.4.3. Device Identification data: This includes information that may assist us in identifying your device, including version, your operating system, etc;
2.4.4. Other Data: This can include the following, based on your interaction with the App-
a. Number of times you access our App;
b. The length of time you spent on the App;
c. The period of time from when you became active and have continued to be active on the App;
d. Other similar statistics we may collect with the intention to improve the User experience of the App.
2.5. You agree to provide us with your Personal Information whenever you use our Services by performing any of the following functions:
2.5.1. Accessing our App by means of any web browser or any device;
2.5.2. Playing the game through our App;
2.5.3. Initiating and maintaining correspondence with us.
2.6. You understand and agree that we do not directly collect Personal Information from Users and all sensitive Personal Information collected through our App is introduced solely by the User. We do not collect any personal or sensitive information without the User’s explicit input and consent. Users are responsible for the accuracy and completeness of the information they provide. By using our App, you acknowledge that you are bound by the terms and policies of our third-party service providers including without limitation, our storage partner Unity and payment partner PayPal. We prioritize User privacy and security by relying on trusted third-party service providers, and we encourage Users to review and understand the policies of these platforms to protect their interests.
2.7. We strive to take extra precautions to ensure that such Personal Information is kept secure and confidential, and we will only retain this data for as long as necessary for the purposes for which we collect it as per the permissible laws of the land.
2.8. This Policy will not apply to any unsolicited information provided by you through the App or through any other means. This includes but is not limited to, information posted on any public areas of the App. All such unsolicited information shall be deemed to be non-confidential and we will be free to use and disclose such unsolicited information without limitation.
2.9. We shall not be liable for any loss or damage sustained by you as a result of any disclosure (inadvertent or otherwise) of any Personal Information concerning your identification or payment-related information in the course disbursement of the cash prize. For this purpose, we recommend that you go through the terms of service of our payment service provider, Paypal which can be found here, and terms and conditions of our service partner for identification verification ______ which can be found [here].
2.10. Access to your Personal Information is limited to our employees, agents, partners, and third parties, who we reasonably believe will need that information to enable us to provide a smooth gaming experience within the App to you. However, we are not responsible for the confidentiality, security, or distribution of your own Personal Information by our partners and third parties such as our payment processors (who have their own privacy policies) outside the scope of our agreement with such partners and third parties.
2.11. When you use our App, we collect and store your information which is provided by you from time to time. In general, you can access the App without telling us who you are or revealing any Personal Information about yourself. Once you give us your Personal Information, you are not anonymous to us. Where possible, we indicate which fields are required and which fields are optional. You always have the option to not provide information by choosing not to use a particular service, product, or feature on the App.
3. HOW DO WE COLLECT THE INFORMATION
3.1. We employ various methods to gather information, ensuring a comprehensive understanding of User interactions and preferences. The collection of Personal Information is facilitated through the following processes:
3.1.1. Information you give us: When you provide us with the information referred to in Clauses 2.2, 2.3, and 2.4 through the methods outlined in Clause 2.5;
3.1.2. Session Management: We study session metrics to understand how Users interact with the App. This helps us learn the average time Users spend on the App and when they prefer to engage. We use tools like Unity Gaming Services Analytics to collect anonymous data, including the number of views, how long Users stay, screen views, button clicks, and where they're visiting from. This data allows us to optimize the User experience, making informed enhancements to cater to User preferences and behaviors;
3.1.3. User analytics: We analyze User behavior and preferences, by collecting and analyzing Personal Information within the App to track and ensure accuracy, promptly identify any unauthorized transactions, and detect fraudulent activities, allowing us to take immediate corrective action.
3.2. In addition to direct User interactions, we utilize various data collection methods to enhance User experience and optimize App functionality. These methods assist in tracking User preferences, providing personalized experiences, and improving the performance of our App. Users have the option to manage their data preferences through their device settings. Below are the categories of data collection methods used in our App along with a description of what they are used for:
3.2.1. Essential Data Storage: These mechanisms are essential for running our App and keeping it secure. They also help us comply with applicable regulations and keep your details safe and private. Examples include storing authentication tokens and app settings.
3.2.2. Functional Data Storage: These mechanisms remember preferences such as your region or country, preferred language, and accessibility options like large font or high-contrast pages. They ensure the app functions according to your preferences every time you use it.
3.2.3. Performance Tracking: These mechanisms tell us how you and other Users use our App. We aggregate and analyze this data to improve the performance and functionality of our services. Examples include tracking screen views, button clicks, and usage patterns.
3.2.4. Event Tracking: Through this mechanism, our App can define custom events to track specific actions taken by Users, such as completing a level in a game, or sharing content.
3.2.5. Web Beacons, Pixel Tags, and Trackers: We may employ Web Beacons, Pixel tags, and trackers which are tiny graphic images and/or small blocks of code placed on mobile apps, ads, or in the emails that allow us to determine whether you performed a specific action. When you access these pages, or when you open an email, you let us know that you have accessed the App or opened the email. These tools help us measure responses to our communications and improve our promotions.
3.2.6. Log Files: Our App utilizes the Unity platform for servers and analytics. The Unity platform may automatically collect information sent by Users' devices, known as log files. This data can include IP addresses, device information, browser type, and timestamps. These log files are instrumental in analyzing trends, administering the App, and diagnosing technical issues.
3.2.7. Third-Party SDKs: We integrate third-party Software Development Kits (SDKs) to provide additional functionality, such as analytics and advertising. These SDKs may collect information about your device, app usage, and interactions to help us understand User behavior and deliver targeted content.
3.2.8. Advertising Identifiers: We use the Identifier for Advertisers provided by your iOS device for advertising purposes, such as Google AdMob. Google AdMob uses IDFA under the guidelines laid out in the iOS Developer Program License Agreement. These identifiers help us deliver personalized ads and track the effectiveness of our advertising campaigns.
3.2.9. Information from other sources: We may collect Personal Information from other sources, including but not limited to:
3.2.9.1. If a User or any third party submits a complaint about you, we may receive information relating to the specific complaint made in order to understand and, where relevant, address the complaint; and
3.2.9.2. To the extent permitted by applicable law, we may receive additional information about you, such as references, demographic data, and information to help detect fraud and safety issues from (i) third-party service providers, other third parties, and/or partners, or (ii) Users and any other individuals, entities, and authorities, and combine it with information we have about you. For example, we may receive background check results or fraud warnings from identity verification service providers for use in our fraud prevention, security investigation, and risk assessment efforts. We may receive information about you and your activities on and off the App, including from Users of our App, members of the public, or governmental, public, or tax authorities, or about your experiences and interactions with our partners. We may receive health information including, but not limited to, health information related to contagious diseases.
4. WHY DO WE COLLECT YOUR INFORMATION?
4.1. We shall collect your information only for lawful and legally permissible purposes which are as follows:
4.1.1. User Authentication: We collect your information to help us identify you as and when you access the App when you provide details to us, or when you utilize our App. This includes but is not limited to identifying you as a winner and contacting you;
4.1.2. Communicate with you: We use your Personal Information to communicate with you concerning prize disbursement via different channels (e.g., by phone, e-mail, chat) including to inform you regarding travel location and accommodation;
4.1.3. Deliver physical prizes: We use your Personal Information to provide you with prizes that you may win when you achieve the highest score on the leaderboard;
4.1.4. Fraud Prevention and Credit Risks: We use your Personal Information to prevent and detect fraud and abuse to protect the security of our Users;
4.1.5. Troubleshoot Problems: We use your Personal Information to provide functionality, analyze performance, fix errors, and improve the usability and effectiveness of the App;
4.1.6. Compliance with law: To be able to perform any contractual and legal obligation;
4.1.7. Enhancing User Experience: To analyze User behavior and preferences for improving our Services and User experience and to be able to provide location-specific services, if any;
4.1.8. Enhanced Advertising and Marketing Efforts: In our efforts to provide, personalize, measure, and enhance our advertising and marketing endeavors, we engage in several key activities. Firstly, we utilize User information to send promotional and marketing messages, tailoring them to suit individual preferences and interests. Additionally, we strive to customize and optimize advertising on various platforms to ensure relevance and effectiveness. Furthermore, we may administer referral programs, rewards, surveys, sweepstakes, contests, and other promotional activities to engage Users and foster community participation. Through the analysis of User characteristics and preferences, we aim to send targeted promotional messages that resonate with each User segment. Finally, we extend invitations to Users for events and relevant opportunities, enriching their overall experience with our App; and
4.1.9. Providing alerts/notifications: To effectively communicate with you through emails/SMS/notifications through the App to inform you about highest score on leaderboard or any other new apps that we may from time to time develop.
4.2. You consent and recognize that your Personal Information may be disclosed on our App authorized by you for the purpose of utilizing our App and services. Additionally, you agree and acknowledge that we are permitted to communicate with you through messaging, calls, emails, or other means, to facilitate the performance of our services wherever necessary.
5. WHO DO WE SHARE YOUR PERSONAL INFORMATION WITH AND WHY?
5.1. To facilitate our App’s services and enhance User experience, we may share Personal Information with the following entities:
5.1.1. Payment Processors: During the disbursement of cash prizes, we may need to share your banking information (such as credit card/debit card numbers, bank account numbers, and routing numbers) with our trusted financial institution or payment gateway partner to ensure cash prize transfer to you;
5.1.2. Third-party Service Providers: We engage the services of third parties to carry out various functions on our behalf such as payment processing, data analysis, postal and email communications, hosting services, storage, customer service, and marketing assistance. While these third-party service providers have access to the necessary Personal Information to fulfill their functions, they are prohibited from using it for any other purposes. Moreover, they are obligated to process the Personal Information in compliance with applicable laws. We utilize Unity platform for a range of services, including databases, servers, SSL certificates, and file storage. While we do not own or control these third parties, when you interact with them and choose to use their services, you are providing your information to them. Your use of these services is subject to the privacy policies of those providers, including Unity’s Privacy Policy, PayPal’s Privacy Policy and ________’s Privacy Policy (please insert link for privacy policy of identity verification software)
5.1.3. Affiliates: We may share your information with our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates may include our parent company and any subsidiaries, joint venture partners, or other companies that we control or that are under common control with us;
5.1.4. Business Transfers: If we reorganize or sell all or a portion of our assets, undergo a merger, or are acquired by another entity, we may transfer your information to the successor entity. If we go out of business or enter bankruptcy, your information would be an asset transferred or acquired by a third party. You acknowledge that such transfers may occur and that the transferee may decline to honor commitments we made in this Privacy Policy.
5.1.5. Legal Compliance:
5.1.5.1. We may disclose your information to courts, law enforcement, governmental or public authorities, tax authorities, authorized third parties, or other Users, if and to the extent we are required or permitted to do so by law or where disclosure is reasonably necessary to: (i) comply with our legal obligations, (ii) comply with a valid legal request, such as a subpoena or court order, or to respond to claims asserted against us, (iii) respond to a valid legal request relating to a criminal investigation to address alleged or suspected illegal activity, or to respond to or address any other activity that may expose us, you, or any other of our Users to legal or regulatory liability, (iv) enforce and administer our agreements with Users, including our Terms, additional legal terms, and policies, (v) respond to requests for or in connection with current or prospective legal claims or legal proceedings concerning us and/or third parties, in accordance with applicable law, or (vi) protect the rights, property or personal safety of the Company, its employees, its User, or Users of the public;
5.1.5.2. Where legally required or permissible according to applicable law, we may disclose User information to relevant tax authorities or other governmental agencies, depending on where you are based, for the purpose of the tax authorities’ determination of proper compliance with relevant tax obligations;
5.1.5.3. Where appropriate and/or legally required, we may notify the User about legal requests, unless: (i) providing notice is prohibited by the legal process itself, by court order we receive, or by applicable law, or (ii) we believe that providing notice would be futile, ineffective, create a risk of injury or bodily harm to an individual or group, or create or increase a risk of fraud upon or harm to Omicron, our Users, or expose Omicron to a claim of obstruction of justice.
5.1.6. Service Improvement: We may share certain aggregated, anonymized information with third parties (for example, for Google Analytics) in order to assess the App usage and information pertaining to the ease of navigation;
5.1.7. Advertisements: We use third-party advertising companies to serve ads when you visit our App. These companies may use information (not including your name, address, email address, or telephone number) about your visits to the App and other websites in order to provide personalized advertisements about games, and other services of interest to you;
5.1.8. Collaborations: We may share your Personal Information with reputable partners to facilitate joint initiatives, promotions, or integrated services; and
5.1.9. Growth and Expansion: As our App evolves and expands, there may be instances where sharing Personal Information with new entities or parties becomes necessary for the enhancement of our App. Any such sharing will be carried out with the utmost consideration for User privacy and in accordance with relevant legal frameworks.
5.2. We do not ever sell or rent your Personal Information without your express approval.
5.3. We are not responsible for the actions of third parties with whom you share personal or sensitive data, and we have no authority to manage or control third-party solicitations. If you no longer wish to receive correspondence, emails, or other communications from third parties, you are responsible for contacting the third party directly.
6. HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?
In compliance with applicable laws, we retain your Personal Information for a duration no longer than necessary for the purpose for which it was collected or as mandated by relevant laws. At the time of the execution of the Jackpot Winnings Agreement, we shall verify your identity through a secure third party software system. Additionally, we will securely destroy and delete your Personal Information (as detailed in Clause 2.3 of this Policy) after the prize money transfer is completed. However, certain data related to you may be retained beyond this period if we reasonably believe it is necessary to prevent fraud, mitigate potential abuse, allow us to exercise our legal rights, defend against legal claims, or fulfill other legitimate purposes required by law or for analytical and research purposes. Additionally, we may continue to retain your Personal Information for the following purposes including but not limited to:
6.1. Legitimate Business Interest: We may retain your Personal Information as necessary for our legitimate business interests, such as the prevention of money laundering, fraud detection and prevention, and enhancing safety;
6.2. Legal, Tax, Reporting, and Auditing Obligations: We may retain and use your Personal Information to the extent necessary to comply with our legal, tax, reporting, and auditing obligations;
6.3. Shared Information: Information you have shared with others, such as reviews and forum postings, may continue to be publicly visible on the App, even after your access/use is restricted; and
6.4. Residual Copies: Because we take measures to protect data from accidental or malicious loss and destruction, residual copies of your Personal Information may not be removed from our backup systems for a limited period of time.
7. HOW DO WE PROVIDE FOR THE SECURITY OF YOUR PERSONAL INFORMATION WITH US?
7.1. Storage Information: User data is stored on our secure Unity servers and databases. These servers are strategically located based on the User's location to minimize latency for each User.
7.2. We prioritize the security of your data, utilizing secure cloud servers where your Personal Information is encrypted at rest, adding an extra layer of protection against unauthorized access. We implement reasonable physical, electronic, and procedural safeguards to ensure the confidentiality and integrity of your information. Accessing your information is facilitated through a secure server, and once in our possession, your data is subject to strict security guidelines to prevent unauthorized access. Further, access to your information is restricted to our internal team members only to maintain confidentiality and security.
7.3. You understand and agree that despite the security measures in place, we cannot be held liable for any issues related to data security. Nevertheless, we implement reasonable physical, electronic, and procedural safeguards to maintain the confidentiality and integrity of your information. As part of this commitment, it is imperative that you also review and adhere to the terms of service and privacy policy of our third-party service providers.
7.4. While we take comprehensive measures to safeguard your information, by using our App, you accept and understand the security implications inherent in transmitting data over the Internet and the World Wide Web. Despite our diligent efforts, complete security cannot be guaranteed, and inherent risks persist. Rest assured, we are dedicated to continuously enhancing our security protocols to effectively mitigate emerging threats and uphold the trust of our Users.
8. HOW DO WE HANDLE DATA BREACHES AND SECURITY INCIDENTS?
8.1. In the event of a data breach or security incident, we maintain a proactive approach to ensure swift resolution and mitigate potential risks. We have established a comprehensive incident response plan designed to address such occurrences promptly and effectively:
8.1.1. Identification: We promptly identify and acknowledge any signs of a data breach or security incident within our systems or infrastructure;
8.1.2. Containment: Immediate action is taken to contain the impact of the breach, preventing further unauthorized access or damage to data;
8.1.3. Notification: We prioritize transparency by promptly notifying affected parties, including Users and relevant stakeholders, about the breach and its potential impact on their data;
8.1.4. Collaboration: We collaborate with relevant authorities, such as regulatory bodies and law enforcement agencies, to report the incident and comply with any legal obligations or regulatory requirements; and
8.1.5. Post-Incident Assessment: Following the resolution of the incident, we conduct thorough assessments to evaluate the effectiveness of our response measures and identify areas for improvement.
9. DO WE TRANSFER YOUR PERSONAL INFORMATION ACROSS THE BORDER?
9.1. While our primary practice is to store all data on servers located within the United States, it's important to note that certain circumstances may necessitate the transfer of your Personal Information to countries outside your residential country. These transfers may occur for various purposes outlined in this Policy. To reduce latency for our Users located in Europe, Asia, Oceania, and other countries, we expect to work with the Unity platform. This involves data transfer, which will be managed by Unity itself.
9.2. You understand and accept that other countries may have differing (and potentially less stringent) laws relating to the degree of confidentiality afforded to the information it holds and that such information can become subject to the laws and disclosure requirements of such countries, including disclosure to governmental bodies, regulatory agencies, and private persons, as a result of applicable governmental or regulatory inquiry, court order or other similar processes. In addition, a number of countries have agreements with other countries providing for the exchange of information for law enforcement, tax, and other purposes.
9.3. If we transfer your Personal Information to third parties for purposes stated in this Policy, we will use our best endeavors to put in place appropriate controls and safeguards to ensure that your Personal Information is kept accurate, adequately protected, and processed only for specified and reasonable purposes in a manner that is fair, transparent and has a lawful basis, and is stored for no longer than is absolutely necessary.
10. WHAT ARE YOUR RIGHTS AS A DATA SUBJECT?
10.1. You, as a data subject, have certain rights to your Personal Information with us. For Users residing in different regions and jurisdictions or are otherwise protected by privacy laws in those jurisdictions, please refer to the below-mentioned table that supplements our main Privacy Policy and outlines specific rights afforded to you as a data subject. The following region-specific data subject rights and corresponding schedules apply:
REGION
SCHEDULE
UNITED STATES
Schedule I
EUROPEAN UNION (EU)
Schedule II
UNITED KINGDOM (UK)
Schedule III
Canada
Schedule IV
Mexico
Schedule V
SOUTH AFRICA
Schedule VI
NIGERIA
Schedule VII
INDIA
Schedule VIII
china
Schedule IX
australia
Schedule X
Japan
Schedule XI
Vietnam
Schedule XII
Indonesia
Schedule XIII
10.2. If you are a resident of Nevada in the United States, Chapter 603A of the Nevada Revised Statutes permits a Nevada resident to opt out of future sales of certain covered information that an App operator has collected or will collect about the resident. To submit such a request, please contact us at _____________.
10.3. We encourage you to review the applicable schedules for your region to understand your data subject rights pertaining to your Personal Information in accordance with local laws and regulations.
10.4. Additionally, please note that all the schedules annexed are supplemental to the main Privacy Policy and shall be considered a part of the main Privacy Policy.
11. ARE CHILDREN ALLOWED TO USE OUR APP?
11.1. This App is strictly prohibited for use by individuals under the age of eighteen (18) years old ("Minors"). Accessing or using the App by Minors constitutes a violation of our Terms of Service and Privacy Policy.
11.2. We do not knowingly solicit, collect, or process any Personal Information from individuals who are under the age of eighteen (18). We implement commercially reasonable age verification measures and data protection practices to prevent such unauthorized collection and usage.
11.3. If you are a parent or legal guardian ("Guardian") and believe your child has provided us with Personal Information, we urge you to promptly contact us at _____________________. Upon verification of your Guardian status, we will promptly take all necessary steps to remove and delete such information from our records.
12. HOW CAN YOU EXPRESS YOUR COMPLAINTS AND CONCERNS?
User satisfaction is one of the key focus areas and an integral part of our Company’s founding principles and business policies. We strongly believe that User satisfaction is the most important factor in the growth and development of our business and hence, we have adopted User-centricity as a priority in developing our business processes. The terms below shall constitute our “User Grievance Redressal Policy” which outlines the framework for addressing User grievances:
12.1. Objective: The objective of this Grievance Policy is to provide a framework:
12.1.1. to ensure the provision of timely and effective resolution of issues raised by Users; and
12.1.2. to keep Users informed about the manner in which they can reach out to us to resolve their queries and grievances.
12.2. Governing Principles: The policy on grievance redressal is governed by the following principles:
12.2.1. User shall be treated fairly at all times;
12.2.2. Issues raised by Users are always attended to with courtesy and on time;
12.2.3. Users are provided with effective and satisfactory resolution within a reasonable time period; and
12.2.4. Users are fully informed of avenues to escalate their issues/ grievances if they are not fully satisfied with the response to their complaints.
12.3. User Support: Any User can reach out to our User support team/ representative through electronic mode by way of email communication at _____________________;
12.4. Must Know: You must know and understand that:
12.4.1. We DO NOT solicit confidential details like your OTP/CVV/PIN/Card Number/ Bank account details through any means other than explicitly mentioned by us. We never call Users/customers with offers, discounts, and offering free gifts.
12.4.2. IScamsters/fraudsters attempt various techniques such as ‘phishing’, to contact, influence, and defraud consumers. We regularly caution our Users against sharing any personal or payment-sensitive information with unknown persons as such sharing leads to unauthorized use and/or fraud and consequent financial loss.
12.4.3. We shall not be liable for any loss, damage, or expense incurred by a User where the User has shared personal and/or payment-sensitive information with scamsters/fraudsters.
12.4.4.Additionally, we also request and encourage our Users to report such attempts or incidents to us at _____________________ to enable us to investigate and explore legal recourse.
12.4.5. We rely on payment partners and banks. In certain cases involving payment/refund issues, we might see a delay as that is beyond our control once we pass the investigation to them; however, we try our best not to exceed reasonable timelines.
13. HOW ARE CHANGES MADE TO THIS POLICY?
This Policy may be updated at our sole discretion or due to changes in the law. Such changes, unless otherwise stated, will be effective from the day and date of posting on the App. We reserve the right to update the Policy without obligation to notify Users. It is recommended to regularly review this Policy for any changes, as your continued access and use of the App will be considered your approval and acceptance of all modifications to this Policy. In cases where applicable law mandates, we may notify you of updates through email. If you do not agree with this Policy governing our App, please refrain from using the App.
14. HOW CAN YOU CONTACT US?
Should you need additional information or have any questions or complaints regarding the handling of your Personal Information, please reach out to us in writing at:

Email: __________________
Schedule I - United States Residents
If you reside in California, Colorado, Connecticut, Delaware, Florida, Iowa, Montana, Nevada, Oregon, Texas, Utah, Vermont, Virginia, or Washington, or are otherwise protected by privacy laws in those jurisdictions, this schedule supplements our main Privacy Policy and outlines specific rights and protections afforded to you.
A. YOUR PRIVACY RIGHTS:
* Right to access: You can access the information that has been provided by you by reaching out to us at _____________.
* Right to withdraw consent: The consent that you provide for the collection, use, and disclosure of your Personal Information will remain valid until such time it is withdrawn by you in writing. If you withdraw your consent, we will stop processing the relevant Personal Information except to the extent that we have other grounds for processing such Personal Information under applicable laws. We will respond to your request within a reasonable timeframe. You may withdraw your consent at any time by contacting us; and
* Right to Opt-Out: You have the right to opt out of certain processing activities, such as the sale of Personal Information or the use of Personal Information for targeted advertising purposes. Firmli will respect your preferences and refrain from such activities upon your request.
* Right to correction: You are responsible for maintaining the accuracy of the information you submit to us, including but not limited to your Contact Information. For any necessary updates or corrections to your Personal Information, Users can easily modify details using the provided App functionalities or by reaching out to us at _____________.
* Right of Access and Portability: In some jurisdictions, applicable law may entitle you to request certain copies of your Personal Information or information about how we handle your Personal Information, request copies of Personal Information that you have provided to us in a structured, commonly used, and machine-readable format, and/or request that we transmit this information to another service provider, where technically feasible.
* Right of Erasure: In some jurisdictions, you can request that your Personal Information be deleted.
B. DATA CONTROLLER:
Under various U.S. privacy laws, including but not limited to the California Consumer Privacy Act (CCPA) and other state-specific regulations, we act as the “controller” of Personal Data. To ensure compliance, we operate our services in a manner that guarantees: Personal Data is processed fairly, lawfully, and transparently; and it is collected and used only for legitimate and specified purposes.
C. APPEAL PROCESS:
If you disagree with the Company's response to your privacy rights request or believe your rights have not been adequately addressed, you have the right to appeal. You can submit your appeal in writing to our Data Protection Officer at _____________ with the subject line "Appeal of Privacy Rights Request" or you can send us a notice at the following address
Address: _____________
D. DATA RETENTION AND DE-IDENTIFICATION:
We are committed to retaining Personal Information only for as long as necessary to fulfill the purposes for which it was collected, as outlined in our main Privacy Policy (see Clause 6). We may also take measures to de-identify Personal Information in accordance with applicable laws and regulations.
E. ADDITIONAL INFORMATION:
For more detailed information on how we handle your Personal Information, including our data collection practices, security measures, and third-party disclosures, please refer to our main Privacy Policy available.
Schedule II- European Union Resident Residents
We are committed to ensuring compliance with the European Union General Data Protection Regulation (‘GDPR’).

Although our Privacy Policy explains how we meet all of our obligations for United Kingdom Users, we also have some Users who are habitually located in the European Union (‘EU Residents’) that have additional rights with respect to their Personal Data.

Personal Data is defined as: “Any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier”. The term “Personal Data” should be considered fundamentally interchangeable with the expression “Personal Information” for the purposes of this Privacy Policy.

Under the GDPR, we are primarily the “controller” of Personal Data, as opposed to being a “processor”. As part of our GDPR compliance, we provide and operate the App in a way that ensures: Personal Data (i.e. Personal Information) is processed fairly, lawfully, and in a transparent manner; and collected and processed only for specified and lawful purposes.

We ensure that the Personal Information we collect about you is accurate, complete, and used for its intended purpose. You may access, review, correct, and update your Information by contacting us by email at the contact details below.

EUROPEAN UNION RESIDENTS

In certain circumstances, you have certain rights regarding your Personal Information. A summary of each right and how you can exercise it is detailed below. To exercise any of these rights, please contact us at _____________. Such requests should include information to allow us to verify your identity (e.g. your name, address, email address, or other information reasonably required).
Where we receive your request to exercise one of these rights, we will respond without undue delay and within the time required by applicable law. This may be extended in certain circumstances, e.g. where requests are complex or numerous.

We will provide the information free of charge, except where requests are manifestly unfounded or excessive, e.g. because of their repetitive character. In these circumstances, we may charge a reasonable fee or may refuse to act on the request. We will advise you of any fees prior to proceeding with a request. We may ask for additional information to verify your identity before carrying out a request.
HOW CAN YOU EXERCISE YOUR RIGHT?
1. Right to access and/or correct your Personal Information
You have the right to access the Personal Information we hold about you, and to be provided with a copy of the information (in most circumstances). You also have the right to correct any information we may hold about you that is inaccurate.
2. Right to restrict the use of your Personal Information
You have the right to ask us to restrict the processing of your Personal Information where one of the following applies:
* The processing is unlawful, but you want us to restrict the use of the data instead of deleting it;
* Where you contest the accuracy of your Personal Information, the restriction will apply until we have verified the accuracy or corrected your Personal Information;
* We no longer require the Personal Information for the purposes of the processing, but are required to keep it in connection with a legal claim;
* You have exercised your right to object to the processing. The restriction will apply until we have taken steps to verify whether we have compelling legitimate grounds to continue processing.
3. Right to withdraw consent and request deletion of your Personal Information
* You have the right to ask us to delete your Personal Information in most circumstances. There are also certain exceptions where we may refuse a request for erasure, for example, where the Personal Information is required to comply with a legal obligation or for the establishment, exercise, or defense of legal claims.
* You may object to our use of your Personal Information for marketing purposes and you can let us know via the provided email address.
* Further, you may also object to the processing of your Personal Information in cases where we have used legitimate interests as the basis for processing. In such cases, we will stop processing your Personal Information until we verify that we have compelling legitimate grounds for processing that outweigh your interests, rights, and freedoms in asking us to stop processing the data, or in limited cases where we need to continue processing the data for the establishment, exercise, or defense of legal claims.

4. Right to data portability
In most cases, you have the right to receive all Personal Information you have provided to us in a structured, commonly used, and machine-readable format and to transmit this data to another data controller, where technically feasible.

5. Right to lodge a complaint with a supervisory authority
If you are a resident of the EU, you have the right to make a complaint at any time to the regulator in your jurisdiction. To find out how to contact your local regulator, please visit https://edpb.europa.eu/about-edpb/about-edpb/members_en.

We will allow and assist Users who are EU Residents to exercise these rights unless we have compelling and legitimate legal grounds not to (e.g. a legal obligation under United Kingdom legislation, or if the Personal Information has been fully anonymized).
Schedule III- United Kingdom (UK) Residents
We are dedicated to upholding the principles of the United Kingdom General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

While our Privacy Policy outlines our commitments to European Union Users, we recognize that Users located in the United Kingdom (‘UK Residents’) have additional rights concerning their Personal Data.

YOUR DATA SUBJECT RIGHTS:

You have a number of rights under applicable data protection laws in relation to your Personal Information. Under certain circumstances, you have the right to:
* Have access to your Personal Information by submitting a request to us;
* Have your Personal Information deleted;
* Have your Personal Information corrected if it is wrong;
* Have the processing of your Personal Information restricted;
* Object to further processing of your Personal Information, including to object to marketing from us;
* Make a data portability request;
* Withdraw any consent you have provided to us;
* Restrict any automatic processing of your Personal Information; and
* Complaint to the appropriate supervisory authority.
* To exercise any of these rights, please contact us _____________.

A. BASIS FOR PROCESSING:
We will only process your Personal Information when we have a lawful basis to do so, such as consent, contractual necessity, or legitimate interests. Also, please refer to Clause 4 to understand how we process your Personal Information.

B. PROCESS OF APPEAL:
If you disagree with the Company's response to your privacy rights request or believe your rights have not been adequately addressed, you have the right to appeal. You can submit your appeal in writing to our Data Protection Officer at _____________ with the subject line "Appeal of Privacy Rights Request" or you can send us a notice at the following address
Address: _____________
Email: _____________

Schedule IV- Canada Residents
We are committed to upholding the privacy rights of our Users in Canada. This schedule outlines our compliance with Canadian privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA) and any applicable provincial privacy legislation.

While our Privacy Policy details our overall data practices, this section specifically addresses the rights and protections available to residents of Canada regarding their Personal Data.

Definition of Personal Data

“Personal Data” refers to information about an identifiable individual, as defined under PIPEDA. This includes but is not limited to, information such as your name, address, email address, phone number, and other identifying details. The term “Personal Data” should be considered fundamentally interchangeable with the expression “Personal Information” for the purposes of this Privacy Policy.

YOUR RIGHTS:

Canadian residents have several rights concerning their Personal Data. These rights include:

1. Right to Access Personal Data

You have the right to request access to your Personal Data held by us. Upon request, we will provide you with a copy of the information in our possession, subject to certain exceptions provided by law.

2. Right to Correct Personal Data

If you believe that any Personal Data we hold about you is incorrect or incomplete, you have the right to request corrections. We will make the necessary updates to ensure your information is accurate and up-to-date.

3. Right to Withdraw Consent

You may withdraw your consent to our processing of your Personal Data at any time, subject to legal or contractual restrictions. If you withdraw your consent, this may affect our ability to provide you with certain services.

4. Right to Data Portability

In certain circumstances, you have the right to request a copy of your Personal Data in a structured, commonly used, and machine-readable format and to have that data transmitted to another data controller.
5. Right to Object to Processing

You have the right to object to the processing of your Personal Data for specific purposes, such as direct marketing. We will cease processing your data for these purposes upon receiving your objection.
6. Right to Erasure

You have the right to request the deletion of your Personal Data, subject to certain exceptions such as for compliance with legal obligations or the defense of legal claims.
7. Right to Restrict Processing

You have the right to request the restriction of processing your Personal Data in certain circumstances, such as when you contest the accuracy of the data or when processing is unlawful.

HOW TO EXERCISE YOUR RIGHTS?

To exercise any of these rights, please contact us at _____________. Requests should include sufficient information for us to verify your identity and understand the nature of your request (e.g., name, address, email address).

We will respond to your request within the timeframes required by applicable law. In some cases, we may need to extend the response period, particularly for complex or numerous requests. We will inform you of any such extensions.


FEES FOR REQUESTS

We will generally process your requests free of charge. However, if a request is manifestly unfounded or excessive, we may charge a reasonable fee or refuse to act on the request. We will notify you of any fees in advance.


BASIS FOR PROCESSING

We will process your Personal Data based on one or more of the following lawful bases:
* Consent: Where you have provided explicit consent for processing.
* Contractual Necessity: Where processing is necessary for the performance of a contract to which you are a party.
* Legal Obligation: Where processing is required to comply with a legal obligation.
* Legitimate Interests: Where processing is necessary for our legitimate interests or the legitimate interests of a third party, provided such interests are not overridden by your rights and freedoms

PROCESS OF APPEAL

If you disagree with the Company's response to your privacy rights request or believe your rights have not been adequately addressed, you have the right to appeal. You can submit your appeal in writing to our Data Protection Officer at _____________ with the subject line "Appeal of Privacy Rights Request" or you can send us a notice at the following address

Address: _____________

Email: _____________

RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY

If you are not satisfied with our response to your appeal, you have the right to lodge a complaint with the Office of the Privacy Commissioner of Canada or the relevant provincial privacy authority.

For more information on how to contact the Office of the Privacy Commissioner of Canada, please visit here- https://www.priv.gc.ca/en/contact-the-opc/.
Schedule V- Mexico Residents
We are dedicated to protecting the privacy rights of our Users in Mexico. This schedule outlines our compliance with Mexican privacy laws, including the Federal Law on Protection of Personal Data Held by Private Parties (Ley Federal de Protección de Datos Personales en Posesión de los Particulares) (“Mexican Privacy Laws”) and its regulations. This is the primary law governing the protection of personal data held by private parties in Mexico.

For the avoidance of doubt, the term “Personal Data” should be considered fundamentally interchangeable with the expression “Personal Information” for the purposes of this Privacy Policy.

PURPOSE OF COLLECTING YOUR PERSONAL INFORMATION

We collect Personal Information about you for the purposes described in Clause 4 (WHY DO WE COLLECT YOUR INFORMATION) of the Privacy Policy.

YOUR DATA SUBJECT RIGHTS RIGHTS:

Mexican residents have ARCO rights concerning their Personal Data. These rights include:

1. Right to Access Personal Data (Derecho de Acceso)

You have the right to know what Personal Data we hold about you, the purposes for which we process it, and the conditions of use.

2. Right to Correct Personal Data (Derecho de Rectificación)

If you find that your Personal Data is inaccurate or incomplete, you have the right to request corrections. We will promptly update your information to ensure its accuracy.

3. Right to Cancel Personal Data (Derecho de Cancelación)

You have the right to request the deletion of your Personal Data when you believe it is not being processed in accordance with Mexican Privacy Laws or when it is no longer necessary for the purposes for which it was collected.

4. Right to Object to Processing (Derecho de Oposición)

You have the right to object to the processing of your Personal Data for legitimate reasons, particularly when such processing is for marketing purposes or involves the evaluation of your personal characteristics.

HOW TO EXERCISE YOUR ARCO RIGHTS?

To exercise any of these ARCO rights, please contact us at _____________. Your request should include sufficient information to verify your identity and specify the right you wish to exercise (e.g., name, address, email address, and a detailed description of the request).

PROCESS OF APPEAL

If you disagree with the Company's response to your privacy rights request or believe your rights have not been adequately addressed, you have the right to appeal. You can submit your appeal in writing to our Data Protection Officer at _____________ with the subject line "Appeal of Privacy Rights Request" or you can send us a notice at the following address

Address: _____________

Email: _____________

RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY

If you are not satisfied with our response to your appeal, you have the right to lodge a complaint with the Federal Institute of Transparency, Access to Information and Personal Data Protection (Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales, "INAI"). For more information on how to contact the Office of the Privacy Commissioner of Canada, please click
here.
Schedule VI- South Africa Residents
This schedule outlines the data subject rights provided to the residents in South Africa in accordance with the Protection of Personal Information Act (POPIA) and other applicable South African privacy laws.

Under POPIA, Personal Information is any information that can identify you, including but not limited to your name, contact details, identification number, and any other identifiable information.

YOUR RIGHTS CONCERNING YOUR PERSONAL INFORMATION

* Right to be Informed: You have the right to know when your Personal Information is being collected, the purpose for its collection, and how it will be used.
* Right to Access Personal Information: You have the right to request access to the Personal Information we hold about you. This includes knowing what information we have, how we use it, and receiving a copy of it.
* Right to Correction or Deletion: If your Personal Information is incorrect, outdated, or incomplete, you have the right to request that we correct or delete it.
* Right to Object to Processing: You have the right to object to the processing of your Personal Information if you believe the processing is not justified.
* Right to Withdraw Consent: If we process your Personal Information based on your consent, you have the right to withdraw that consent at any time.
* Right to Complain to the Regulator: You have the right to lodge a complaint with the Information Regulator if you believe your privacy rights have been infringed.

RETENTION OF YOUR PERSONAL INFORMATION

We will retain your Personal Information only for as long as is necessary for the purposes set out in our main Privacy Policy (see Clause 6), or as required by applicable law. Once your Personal Information is no longer required, we will take reasonable steps to securely delete or anonymize it.

HOW TO EXERCISE YOUR RIGHTS?

To exercise any of these rights, please contact us at _____________. Requests should include sufficient information for us to verify your identity and understand the nature of your request (e.g., name, address, email address).

We will respond to your request within the timeframes required by applicable law. In some cases, we may need to extend the response period, particularly for complex or numerous requests. We will inform you of any such extensions.
Schedule VII- Nigeria Residents
We prioritize the privacy of our Users in Nigeria and comply with Nigerian data protection laws, including the Nigeria Data Protection Act 2023 (NDPA) and the Nigeria Data Protection Regulation 2019 (NDPR). This schedule outlines your rights and our responsibilities regarding your Personal Data.

YOUR RIGHTS AS A NIGERIAN RESIDENT

* You must explicitly and freely give consent for the processing of your Personal Data.
* You can request access to your Personal Data and obtain a copy of it.
* You can request corrections to any inaccurate or incomplete Personal Data.
* You can request the deletion of your Personal Data in certain circumstances, such as when it is no longer needed for its original purpose.
* You can object to the processing of your Personal Data based on legitimate interests.
* You can receive your Personal Data in a structured, commonly used, and machine-readable format and transfer it to another data controller.
* You can lodge a complaint with the National Information Technology Development Agency (NITDA) if you believe your data privacy rights have been violated.

PROCESS OF APPEAL

If you disagree with the Company's response to your privacy rights request or believe your rights have not been adequately addressed, you have the right to appeal. You can submit your appeal in writing to our Data Protection Officer at _____________ with the subject line "Appeal of Privacy Rights Request" or you can send us a notice at the following address

Address: _____________

Email: _____________

RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY

If you are not satisfied with our response to your appeal, you have the right to lodge a complaint with the National Information Technology Development Agency (NITDA). For more information, please click
here.
Schedule VIII- India Residents
We are committed to safeguarding the privacy rights of our Users in India. This schedule outlines our compliance with Indian privacy laws, including the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (IT Rules), and the Digital Personal Data Protection Act (DPDPA), 2023. These regulations ensure that Personal Data is processed fairly, lawfully, and transparently.

YOUR DATA SUBJECT RIGHTS:

* Right to Consent: Your explicit consent is required for the collection and processing of your Sensitive Personal Data or Information (SPDI).
* Right to Access: You have the right to access your Personal Data and obtain a copy of it.
* Right to Correction: You can request corrections to any inaccurate or incomplete Personal Data.
* Right to Withdrawal of Consent: You can withdraw your consent to the processing of your Personal Data at any time.
* Right to Review Information: You can review the information you have provided and ensure it is accurate and up-to-date.
* Right to Grievance Redressal: You have the right to lodge a complaint regarding the processing of your Personal Data with our Grievance Officer.

DATA RETENTION AND DE-IDENTIFICATION:

We are committed to retaining Personal Information only for as long as necessary to fulfill the purposes for which it was collected, as outlined in our main Privacy Policy (see Clause 6). We may also take measures to de-identify Personal Information in accordance with applicable laws and regulations.

APPEAL PROCESS

If you disagree with the Company's response to your privacy rights request or believe your rights have not been adequately addressed, you have the right to appeal. You can submit your appeal in writing to our Data Protection Officer at _____________ with the subject line "Appeal of Privacy Rights Request."

LODGING A COMPLAINT

If you believe your rights have been violated or are dissatisfied with our response, you have the right to lodge a complaint with the
Office of the Data Protection Commissioner of India (DPIC). The DPIC is responsible for handling complaints related to data protection and ensuring compliance with the DPDPA.

ADDITIONAL INFORMATION:

For more detailed information on how we handle your Personal Information, including our data collection practices, security measures, and third-party disclosures, please refer to our main Privacy Policy available.
Schedule IX- Residents of China
We are committed to adhering to the data protection regulations of the People's Republic of China (PRC), including the Personal Information Protection Law (PIPL) and other relevant laws.

YOUR RIGHTS AS A CHINA RESIDENT

1. Right to Be Informed
You have the right to be informed about how we collect and use your Personal Information. We strive to provide clear and accessible information about our data practices.

2. Right to Access
You may request access to the Personal Information that we hold about you. This includes the right to obtain a copy of your data.

3.Right to Correction
If any of your Personal Information is inaccurate or incomplete, you have the right to request corrections or updates.

4. Right to Deletion
You have the right to request the deletion of your Personal Information under certain circumstances, such as when it is no longer necessary for the purposes for which it was collected.

5. Right to Restrict Processing
You can request that we restrict the processing of your Personal Information in specific situations, such as when you contest the accuracy of the data.

6. Right to Data Portability
Where technically feasible, you have the right to request the transfer of your Personal Information to another data controller.

7. Right to Object
You have the right to object to the processing of your Personal Information for specific purposes, including direct marketing.

8. Right to Withdraw Consent
You can withdraw your consent to the processing of your Personal Information at any time, especially if the processing is based on your consent.

RETENTION OF YOUR INFORMATION

We retain your Personal Information only as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. The retention period may vary based on the nature of the data and legal requirements. Please refer to
Clause 6 of the main Privacy Policy to learn more about our data retention practices.

APPEAL PROCESS

If you disagree with the Company's response to your privacy rights request or believe your rights have not been adequately addressed, you have the right to appeal. You can submit your appeal in writing to our Data Protection Officer at _____________ with the subject line "Appeal of Privacy Rights Request."

LODGE A COMPLAINT

If you believe your rights have been violated or are dissatisfied with our response, you have the right to lodge a complaint with the relevant regulatory authority. This can be done for China residents through the Cyberspace Administration of China (CAC).
Schedule X- Australia Residents
We are dedicated to safeguarding the privacy rights of the Users in Australia. This schedule outlines our compliance with Australian privacy laws, including the Privacy Act 1988 (Cth), which regulates the handling of Personal Information by federal government agencies, businesses, and organizations, and Australian Privacy Principles (APPs). The Privacy Act aims to protect individuals' Personal Information and provide a framework for how this information should be collected, used, and disclosed. 

 Personal Information is defined as information or an opinion about an identified individual or an individual who is reasonably identifiable. The Privacy Act includes 13 Australian Privacy Principles, which set out the key requirements for handling Personal Information.
YOUR RIGHTS:
* Right to Access Personal Information: Individuals have the right to access their Personal Information held by an organization. If an individual requests access, the organization must provide a copy of the information or allow the individual to view it, subject to certain exemptions.
* Right to Correction of Personal Information: Individuals have the right to request corrections to their Personal Information if it is inaccurate, incomplete, or outdated. Organizations are required to take reasonable steps to correct the information and update records accordingly.
* Right to Be Informed About Collection: When collecting personal information, organizations must inform individuals about the purpose of collection, how their information will be used, and whether it will be disclosed to third parties. This ensures transparency in data handling practices.
* Right to Limit Use and Disclosure: Personal Information collected for a specific purpose should not be used or disclosed for another purpose without the individual's consent, unless it is required by law or for secondary purposes related to the original purpose.
* Right to Opt-Out of Direct Marketing: Individuals have the right to opt-out of receiving direct marketing communications. Organizations must provide a clear and simple way for individuals to unsubscribe or refuse further marketing.
* Right to Security of Personal Information: Individuals are entitled to have their personal information protected against misuse, interference, loss, unauthorized access, modification, or disclosure. Organizations must implement appropriate security measures.
* Right to Challenge Handling Practices: Individuals can challenge and seek redress if they believe their personal information is being handled inappropriately or if they are not receiving the services or protections to which they are entitled under this Act
* Right to Information About Cross-Border Disclosure: If personal information is disclosed to overseas entities, individuals have the right to know about this disclosure and how their data will be protected by the overseas recipient.
DATA RETENTION AND ANONYMITY OR PSEUDONYMITY
We are committed to retaining Personal Information only for as long as necessary to fulfill the purposes for which it was collected, as outlined in our main Privacy Policy (see Clause 6). We may also take measures to anonymize or pseudonymous the Personal Information in accordance with applicable laws and regulations.
APPEAL PROCESS
If you disagree with the Company's response to your privacy rights request or believe your rights have not been adequately addressed, you have the right to appeal. You can submit your appeal in writing to our Data Protection Officer at _____________ with the subject line "Appeal of Privacy Rights Request" or you can send us a notice at the following address.

 Address: _____________ 

 Email: _____________
Right to Complain and Seek Redress
Office of the Australian Information Commissioner (OAIC): Individuals who believe their privacy rights have been violated can file complaints with the OAIC. The OAIC investigates complaints, provides guidance, and can take enforcement action if necessary.
Schedule XI - Japan Residents
We strive to uphold and respect the privacy rights of our Users in Japan. This schedule is given to provide your rights as a data subject in accordance with the Act on Protection of Personal Information (APPI). This Act aims to protect the rights and interests of individuals while balancing the need for the proper use of personal information by businesses and other entities.

The APPI applies to entities handling Personal Information in Japan, regardless of whether the information pertains to Japanese or foreign nationals. The law covers all Personal Information, which is defined as information about living individuals that can identify them directly or indirectly. Under this Act, you are granted several rights to ensure the protection and proper handling of your personal information. These rights provide individuals with control over their personal data.
YOUR RIGHTS AS DATA SUBJECTS:
* Right to Know the Purpose of Use: You have the right to be informed about the purpose for which your personal information is being collected, used, and shared. Business organizations must disclose this information when collecting personal data and upon your request.
* Right to Access: You can request access to your personal information held by a business organization. This includes obtaining details about what personal data is being processed, the purpose of processing, and the recipients of the data.
* Right to Correction: If you find out that your personal information is inaccurate, outdated, or incomplete, you have the right to request corrections. The business organization must promptly correct the data and notify the individual of the changes.
* Right to Deletion: You can request the deletion of your personal information if it is no longer necessary for the purposes for which it was collected or if it was obtained or used in violation of the APPI. Business organizations must delete the data and inform the data subject of the deletion.
* Right to Suspend Usage: You have the right to request the suspension of the use or provision of your personal information if they believe it is being handled inappropriately or if it was obtained without proper consent. This includes stopping the use of data for marketing or other purposes not initially agreed upon.
* Right to Notification of Data Breach: In the event of a data breach that could result in significant harm to you, business organizations are required to notify you promptly, if it affects you. The notification must include details about the breach and measures taken to mitigate its impact.
* Right to Object to Processing: You can object to the processing of your personal information in certain circumstances, such as when the processing is based on the organization's legitimate interests or for direct marketing purposes.
Data Retention and Anonymization
We will retain your Personal Information only for as long as is necessary for the purposes set out in our main Privacy Policy (see Clause 6), or as required by applicable law. Once your Personal Information is no longer required, we will take reasonable steps to securely delete or anonymize it according to steps enumerated in APPI.
Process of Appeal
If you disagree with the Company’s response to your request regarding privacy rights or feel that your rights have not been properly addressed, you have the right to appeal. To submit your appeal, please send a written request to our Data Protection Officer at _____________, using the subject line “Appeal of Privacy Rights Request.” Alternatively, you may send a notice to the following address: 

 Address: _____________
Email: _____________
Right to Complain and Seek Redress
Data subjects have the right to file complaints with the Personal Information Protection Commission (PPC) or seek redress if they believe their privacy rights have been violated. The PPC has the authority to investigate complaints and enforce compliance with the APPI.
Schedule XII- Vietnam Residents
We are devoted to the protection and respect of the privacy rights of our Users in Vietnam. This schedule outlines our compliance with Vietnamese privacy laws, including the Law on Cyber Security (2018), the Law on Protection of Consumer Rights (2010), Decree 13/2023/ND-CP on Protection of Personal Data and other relevant regulations. These regulations ensure that Personal Data is processed fairly, lawfully, and transparently.
YOUR RIGHTS AS DATA SUBJECTS:
1. Right to Access
Data subjects have the right to access their Personal Information held by organizations. They can request to know what data is being collected, how it is being used, and to whom it has been disclosed.
2. Right to Correction
Data subjects can request corrections to their Personal Information if it is inaccurate, outdated, or incomplete. Organizations are obligated to update and correct the data as necessary.
3. Right to Deletion
Data subjects can request the deletion of their Personal Information from an organization’s records if the data is no longer necessary for the purpose for which it was collected or if the individual withdraws consent.
4. Right to Object
Data subjects have the right to object to the processing of their Personal Information. This includes the right to refuse processing for certain purposes, such as direct marketing.
5. Right to Restrict Processing
Data subjects can request that their Personal Information be restricted or blocked from processing in certain circumstances, such as when they contest the accuracy of the data or object to its processing.
6. Right to Withdraw Consent
When Personal Information is being processed based on consent, data subjects have the right to withdraw their consent at any time. Upon withdrawal, processing of the data must cease, and the data must be deleted or anonymized unless processing is required by law.
7. Right to be Informed
Data subjects must be informed about the purpose of data collection, how their data will be used, and any third parties with whom their data will be shared. This right ensures transparency in data processing practices.
8. Right to Security
Data subjects have the right to expect that their Personal Information is protected from unauthorized access, misuse, or breaches. Organizations must implement adequate security measures to safeguard personal data.
APPEAL PROCESS
If you disagree with the Company's response to your privacy rights request or believe your rights have not been adequately addressed, you have the right to appeal. You can submit your appeal in writing to our Data Protection Officer at _____________ with the subject line "Appeal of Privacy Rights Request." Alternatively, you may send a notice to the following address: 

 Address: _____________
Email: _____________
RIGHT TO FILE COMPLAINT
Data subjects can file complaints with relevant authorities if they believe their privacy rights have been violated. For instance, the Vietnam Competition and Consumer Authority, the Ministry of Public Security or the Ministry of Information and Communications may handle such complaints. Organizations failing to uphold these rights or violating privacy laws may face administrative penalties, fines, and other legal consequences.
Schedule XIII- Indonesia Residents
We are committed to upholding the privacy rights of our Users in Indonesia. This schedule outlines our compliance with Indonesian privacy laws, including the Personal Data Protection Act (PDPA), the Electronic Information and Transactions Law (EIT Law), Financial Services Authority (OJK) Regulations and other various sectoral regulations.

The Personal Data Protection Act (PDPA) is Indonesia's comprehensive data protection law, akin to the GDPR in the EU. The PDPA applies to any individual, public body, or private entity that processes personal data within Indonesia, as well as to foreign entities processing personal data of Indonesian citizens.
Definition of Personal Data
The PDPA defines personal data as any data about an individual who can be identified, either directly or indirectly, from that data. This includes but is not limited to, information such as your name, address, email address, phone number, and other identifying details. The term “Personal Data” should be considered fundamentally interchangeable with the expression “Personal Information” for the purposes of this Privacy Policy.
Data Subject Rights
* Right to Access: Individuals have the right to access their Personal Information held by organizations.
Right to Rectification: Individuals can request corrections to their Personal Information if it is inaccurate or incomplete.
* Right to Erasure: Individuals can request the deletion of their Personal Information under certain conditions.
* Right to Data Portability: Individuals have the right to obtain and reuse their Personal Information for their own purposes across different services.
* Right to Object: Individuals can object to the processing of their Personal Information in certain circumstances.
* Right to Withdraw Consent: Individuals can withdraw their consent at any time when processing is based on consent.
* Cross-Border Data Transfers: Personal Information can only be transferred outside Indonesia to countries that provide an adequate level of data protection or with the appropriate safeguards in place.
* Data Breach Notification: Organizations must notify the relevant supervisory authority and affected data subjects in the event of a data breach that poses a risk to individuals' rights and freedoms.
Data Retention
We will retain your Personal Information only for as long as is necessary for the purposes set out in our main Privacy Policy (see Clause 6), or as required by applicable law. Once your Personal Information is no longer required, we will take reasonable steps to securely delete it in accordance with Indonesian Privacy Laws.
Process of Appeal
If you disagree with the Company’s response to your request regarding privacy rights or feel that your rights have not been properly addressed, you have the right to appeal. To submit your appeal, please send a written request to our Data Protection Officer at _____________, using the subject line “Appeal of Privacy Rights Request.” Alternatively, you may send a notice to the following address:

Address: _____________ 
 Email: _____________
RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY
f you are not satisfied with our response to your appeal, you have the right to lodge a complaint with the Office of the Ministry of Communication and Information Technology (Kominfo).

Non-compliance with the PDPA can result in administrative fines, sanctions, and criminal penalties.