Privacy Policy for "Hive-Zox Mobile" Application

Policy version 1.0, Date: 27/02/2024 This is the first and original version of this document.

Table of Contents

1. Controller, Scope and Subject of this Privacy Policy
2. Summary of Key Points
3. Information Collection
   1. Personal information provided by Users
   2. Sensitive information
4. Personal information processing
5. Legal bases for processing Users' information
6. Conditions and parties involved in sharing Users' personal information
7. Duration of Users' information retention
8. Securing Users' information
9. Collecting information from minors
10. Users' privacy rights
1. Withdrawing User's consent
2. Account information
11. Updates to this notice
12. Contacting us about this notice
13. Review, update, or deletion of data collected

1. Controller, Scope and Subject of this Privacy Policy

Hive-Zox International S.A. ("we," "us," or "our") is the controller of your data in the context of this privacy notice.

This privacy notice describes how and why we might collect, store, use and/or share ("process") information when our services ("Services") are used, such as downloading and using our mobile application (Hive-Zox Mobile).

The term "Users" refers to individuals who engage with our mobile application to which this policy applies. This encompasses anyone who interacts with the application, whether for the purpose of accessing information, utilizing services provided by the application, or contributing content. This definition is inclusive of all forms of engagement with the application, ensuring that our privacy notice covers all aspects of User interaction and data protection.

Questions or concerns? This privacy notice, when read, will assist the Users in understanding their privacy rights and choices. Should our policies and practices not be agreed with, our Services should not be used. Should there still be any questions or concerns, contact at info@hive-zox.com is welcomed.

2. Summary of Key Points

This summary provides key points from our privacy notice.

Personal information that we process

Personal information may be processed by us when our Services are visited, used, or navigated, depending on the interaction with us and the Services, the choices made, and the products and features used.

Information received from third parties

We do not receive any information from third parties.

Processing Users' information

Information is processed to provide, improve, and administer Services, for communication, security, and fraud prevention, and to comply with law. Additionally, information may be processed for other purposes with consent. Processing of information is undertaken only when a valid legal reason is present.

Sharing personal information

We may share information in specific situations and with specific third parties.

Ensuring safety of our Users' information

Organizational and technical processes and procedures are implemented to protect the personal information of Users. However, the complete security of electronic transmission over the internet or information storage technology cannot be guaranteed, leading to the inability to assure that hackers, cybercriminals, or other unauthorized third parties will be prevented from defeating security measures and improperly collecting, accessing, stealing, or modifying Users' information.

Rights that are possessed by Users

Depending on their geographical location, the applicable privacy law may grant certain rights regarding Users' personal information.

Exercising Users' rights

The easiest way for rights to be exercised is by being contacted at info@hive-zox.com. Any request will be considered and acted upon in accordance with applicable data protection laws.

3. Information Collection

Personal information is collected voluntarily by Users when registering on the Services, expressing an interest in obtaining information about the Services or participation in activities on the Services, or otherwise when contacting us.

All personal information provided to us must be true, complete, and accurate, and any changes to such personal information must be notified to us.

3.1 Personal information provided by Users

The personal information collected is dependent on the context of Users' interactions with the Services, the choices made, and the products and features used. The personal information that may be collected includes the following:

• Names
• E-mail addresses
• Usernames
• Passwords

3.2 Sensitive information

We do not process sensitive information.

4. Personal information processing

Personal information is processed for a variety of reasons, depending on interaction with our Services, including:

• To facilitate account creation and authentication and otherwise manage User accounts.
• To deliver and facilitate delivery of services to the User.
• To save or protect an individual's vital interest.

5. Legal bases for processing Users' information

The General Data Protection Regulation (GDPR) and UK GDPR necessitate the explanation of valid legal bases that are relied upon to process personal information. The following legal bases may be relied upon for processing personal information:

• Consent: Information may be processed if consent has been given by Users to use their personal information for a specific purpose. Consent can be withdrawn at any time by the Users.
• Performance of a Contract: Personal information may be processed when it is deemed necessary to fulfill contractual obligations towards Users, including providing Services or at Users' request prior to entering into a contract with them.
• Legal Obligations: Information may be processed where it is believed necessary for compliance with legal obligations, such as cooperating with law enforcement or regulatory agencies, exercising or defending legal rights, or disclosing information as evidence in litigation in which involvement occurs.
• Vital Interests: Information may be processed where it is believed necessary to protect the vital interests of the User or a third party, such as in situations involving potential threats to the safety of any person.

Information may be processed if specific permission has been given by Users (i.e., express consent) to use their personal information for a specific purpose, or in situations where permission can be inferred (i.e., implied consent). Consent can be withdrawn at any time by the Users.

In some exceptional cases, it may be legally permitted under applicable law to process information without Users' consent, including, for example:

• If collection is clearly in the interest of an individual and consent cannot be obtained in a timely way
• For investigations and fraud detection and prevention
• For business transactions provided certain conditions are met
• If it is contained in a witness statement and the collection is necessary to assess, process, or settle an insurance claim
• For identifying injured, ill, or deceased persons and communicating with next of kin
• If we have reasonable grounds to believe and individual has been, is, or may be victim of financial abuse
• If it is reasonable to expect collection and use with consent would compromise the availability of the accuracy of the information and the collection is reasonable for purposes related to investigating a breach of an agreement or a contravention of the laws of Canada or a province
• If disclosure is required to comply with a subpoena, warrant, court order, or rules of the court relating to the production of records
• If it was produced by an individual in the course of their employment, business, or profession and the collection is consistent with the purposes for which the information was produced
• If the collection is solely for journalistic, artistic, or literary purposes
• If the information is publicly available and is specified by the regulations

6. Conditions and parties involved in sharing Users' personal information

Personal information may need to be shared in the following situations:

• Business Transfers: Personal information may be shared or transferred in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of the business to another company.

7. Duration of Users' information retention

Personal information will be retained only for as long as necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). No purpose in this notice will necessitate keeping personal information for longer than the duration Users maintain an account.

Should there be no ongoing legitimate business need to process personal information, efforts will be made to either delete or anonymize such information. If deletion or anonymization is not feasible (for example, because personal information has been stored in backup archives), then personal information will be securely stored and isolated from any further processing until deletion becomes feasible.

8. Securing Users' information

Appropriate and reasonable technical and organizational security measures have been implemented, designed to protect the security of any personal information that is processed. However, despite safeguards and efforts to secure information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, thus a promise or guarantee cannot be made that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat security measures and improperly collect, access, steal, or modify personal information. Efforts will be made to protect personal information, but the transmission of personal information to and from Services is at the risk of the individual. Access to the Services should only be made within a secure environment.

9. Collecting information from minors

Data from or marketing to children under 18 years of age is not knowingly solicited. By using the Services, it is represented that an individual is at least 18 or that they are the parent or guardian of such a minor and consent to the minor dependent's use of the Services. If it is learned that personal information from Users under 18 years of age has been collected, the account will be deactivated, and reasonable measures will be taken to promptly delete such data from records. Should anyone become aware of any data that may have been collected from children under age 18, contact at info@hive-zox.com is requested.

10. Users' privacy rights

In some regions (like the EEA, UK, Switzerland, and Canada), certain rights under applicable data protection laws are held by individuals. These may include the right (i) to request access and obtain a copy of personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of personal information; (iv) if applicable, to data portability; and (v) not to be subject to automated decision-making. In certain circumstances, the right to object to the processing of personal information may also be held. Such requests can be made by contacting through the contact details provided in the section 12.: "Contacting us about this notice" below.

Any request will be considered and acted upon in accordance with applicable data protection laws.

If located in the EEA or UK and believing that unlawful processing of personal information is occurring, the right to complain to a Member State data protection authority or UK data protection authority is also held.

If located in Switzerland, contact with the Federal Data Protection and Information Commissioner may be made.

10.1 Withdrawing User's consent

If reliance on consent (which may be express and/or implied depending on the applicable law) is made to process personal information, the right to withdraw that consent at any time is held. Consent can be withdrawn at any time by contacting through the contact details provided in the section 12.: "Contacting us about this notice" below.

However, it should be noted that this will not affect the lawfulness of processing before its withdrawal, nor, when applicable law allows, will it affect the processing of personal information conducted in reliance on lawful processing grounds other than consent.

10.2 Account information

If a desire to review or change the information in an account or terminate the account arises, the following actions can be taken:

• Log into account settings and update the User account.
• Contact through the provided contact information.

Upon request to terminate an account, the account and information will be deactivated or deleted from active databases. However, some information may be retained in files to prevent fraud, troubleshoot problems, assist with investigations, enforce legal terms, and/or comply with applicable legal requirements.

For questions or comments about privacy rights, an email can be sent to info@hive-zox.com.

11. Updates to this notice

We will update this notice as necessary to stay compliant with relevant laws.

12. Contacting us about this notice

If questions or comments about this notice exist, an email can be sent to info@hive-zox.com or contact can be made by post at:

Hive-Zox International S.A.
Chemin de Précossy 27
Nyon 1260
Switzerland

13. Review, update, or deletion of data collected

Based on the applicable laws of a User's country, the right to request access to personal information collected, change that information, or delete it may be held. To request a review, update, or deletion of personal information, please contact us at e-mail: info@hive-zox.com.

Effective 27-FEB-2024