Privacy Policy of Sotira

Sotira Fintech Co. (US) (“Sotira“) are committed to protecting your privacy. We have prepared this Privacy Policy to describe to you our practices regarding the Personal Data (as defined below) we collect from users of our website, located at www.sotira.co (the “Site“) and the data, text, reports, templates, agreements and other materials that are made available or enabled via the Site (the “Sotira Materials“) (collectively, the “Sotira Site“).

1. Questions; Contacting Sotira; Reporting Violations. If you have any questions or concerns or complaints about our Privacy Policy or our data collection or processing practices, or if you want to report any security violations to us, please contact us at the following email:

Email address: support@sotira.co

2. A Note About Children. We do not intentionally gather Personal Data from visitors in the US who are under the age of 13. If a child under 13 submits Personal Data to Sotira and we learn that the Personal Data is the information of a child under 13, we will attempt to delete the information as soon as possible. If you believe that we might have any Personal Data from a child under 13, please contact us at support@sotira.co.

3. A Note to Users Outside of the United States. If you are a user of the Sotira Site who resides in a country other than the United States this section applies to you:

1. If you reside in the UK or any country within the European Economic Area (“EEA“):

1. Sotira is the Controllers (for the purposes of the General Data Protection Regulation 2016/679 (“GDPR”) and any implementing legislation or legislation having equivalent effect in the UK (together, “EU Data Protection Legislation”)) of your Personal Data.

2. The legal basis of our processing of your Personal Data as described in this Privacy Policy is our legitimate interests where those interests are not overridden by the impact on you (unless our processing is otherwise required or permitted by law). If you have questions about the legal basis of how we process your personal information, please contact us at the address or phone number above.

3. We ask that you not provide us with any Special Category Personal Data (as defined in the GDPR), e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, or trade union membership, or any criminal background information. If you do not consent to our processing and use of such sensitive information, you must not submit such sensitive information through the Sotira Site.

4. We may transfer your Personal Data to a country outside the UK or EEA in accordance with requirements prescribed under EU Data Protection Legislation. When we transfer your Personal Data outside the UK or EEA, we hold it subject to appropriate safeguards and controls and ensure a similar degree of protection is afforded to it by implementing at least one of the following safeguards:

5. We may transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data by the European Commission. For further details, see https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en.

2. If you reside in Singapore:

1. You agree that your accessing or using the Sotira Site in any way constitutes your agreement that (a) we may process your Personal Data for the purposes identified in the Privacy Policy, and (b) your Personal Data may be transferred to and processed in the country in which it was collected and in other countries, including the United States, where laws regarding processing of Personal Data may be less stringent than the laws in your country.

2. We may transfer your Personal Data to a country or territory outside Singapore in accordance with requirements prescribed under the Singapore Personal Data Protection Act (“PDPA“) to ensure that we provide a standard of protection to Personal Data so transferred that is comparable to the protection under the PDPA. By providing your Personal Data, you consent to such transfer.

4. Types of Data We Collect. “Personal Data” means data that allows someone to identify or contact you, including, for example, your name, address, telephone number, e-mail address, as well as any other non-public information about you that is associated with or linked to any of the foregoing data. “Anonymous Data” means data that is not associated with or linked to your Personal Data; Anonymous Data does not, by itself, permit the identification of individual persons. We collect Personal Data and Anonymous Data, as described below.

1. Information You Provide to Us.

1. We may collect Personal Data from you, such as your first and last name, e-mail, mailing address, and phone number.

2. If you provide us feedback, post an event or contact us via e-mail, we will collect your name and e-mail address, as well as any other content included in the form, in order to send you a reply.

3. We may also collect Personal Data at other points in the Sotira Site that states that Personal Data is being collected.

2.Information Collected Via Technology

1. Information Collected by Our Servers. To make our Sotira Site more useful to you, our servers (which may be hosted by a third party service provider) collect information from you, including your browser type, operating system, Internet Protocol (“IP“) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or a date/time stamp for your visit.

2. Log Files. As is true of most websites, we gather certain information automatically and store it in log files. This information includes IP addresses, browser type, Internet service provider (“ISP“), referring/exit pages, operating system, date/time stamp, and clickstream data. We use this information to analyze trends, administer the Sotira Site, track users’ movements around the Sotira Site, and to gather demographic information about our user base as a whole. For example, some of the information may be collected so that when you visit the Sotira Site, it will recognize you and the information could then be used to provide information appropriate to your interests. Except as noted in this Privacy Policy, we do not link this automatically-collected data to Personal Data.

3. Cookies. Like many online services, we use cookies to collect information. “Cookies” are text files containing small amounts of information which are downloaded to your computer or mobile device when you visit a website or mobile application. Cookies are then sent back to the originating site on each subsequent visit, or to another site that recognizes those cookies. You can find out more information about cookies at http://www.allaboutcookies.org/. Cookies are widely used in order to make sites work, or to work more efficiently, as well as to provide information to the owners of the platform. We use cookies to enhance the online experience of our visitors and to better understand how our site is used. Cookies may tell us, for example, whether you have visited our site before or whether you are a new visitor. This type of information is collected to make the Sotira Site more useful to you. “Cookies” are small pieces of information that a website sends to your computer’s hard drive while you are viewing the website. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on the Sotira Site.

4. Do Not Track Browser Setting. We do not currently respond to “do not track” signals from web browsers.

5. Pixel Tags. We may use “Pixel Tags” (also referred to as clear Gifs, Web beacons, or Web bugs). Pixel Tags are tiny graphic images with a unique identifier, similar in function to Cookies, that are used to track online movements of Web users. In contrast to Cookies, which are stored on a user’s computer hard drive, Pixel Tags are embedded invisibly in Web pages. Pixel Tags allow us to send e-mail messages in a format users can read, and they tell us whether e-mails have been opened to ensure that we are sending only messages that are of interest to our users. We may use this information to reduce or eliminate messages sent to a user. We do not tie the information gathered by Pixel Tags to our users’ Personal Data.

6. Collection of Data by Advertisers. We do not use third parties to serve ads on the Site or collect personally identifiable information about your online activities over time and across different websites.

7. Google Analytics. We use Google Analytics to help analyze how users use the Sotira Site. Google Analytics uses Cookies to collect information such as how often users visit the Sotira Site, what pages they visit, and what other sites they used prior to coming to the Sotira Site. We use the information we get from Google Analytics only to improve the Sotira Site. Google Analytics collects only the IP address assigned to you on the date you visit the Sotira Site, rather than your name or other personally identifying information. We do not combine the information generated through the use of Google Analytics with your Personal Data. Although Google Analytics plants a persistent Cookie on your web browser to identify you as a unique user the next time you visit the Sotira Site, the Cookie cannot be used by anyone but Google. Google’s ability to use and share information collected by Google Analytics about your visits to the Sotira Site is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. You can avoid the use of Google Analytics relating to your use of our site by downloading and installing the browser plugin available via this link: http://tools.google.com/dlpage/gaoptout?hl=en-GB

5. Use of Your Personal Data

1. General Use. In general, Personal Data you submit to us is used to respond to requests that you make. We use your Personal Data in the following ways:

1. to provide improved administration of the Sotira Site;

2. to improve the quality of experience when you interact with the Sotira Site;

3. to send you follow-up communications when you contact us via e-mail, submit feedback, or post an event; and

4. to send you administrative e-mail notifications, such as updates regarding the Sotira Site, security, or support and maintenance advisories.

2. Creation of Anonymous Data. We may create Anonymous Data records from Personal Data by excluding information (such as your name) that makes the data personally identifiable to you. We use this Anonymous Data to analyze request and usage patterns so that we may enhance the content of, and improve navigation on, the Sotira Site. We reserve the right to use Anonymous Data for any purpose and disclose Anonymous Data to third parties in our sole discretion.

6. Disclosure of Your Personal Data. We disclose your Personal Data as described below and as described elsewhere in this Privacy Policy.

1. Third Party Service Providers. We may share your Personal Data with third party service providers to: provide you with the Sotira Materials; to conduct quality assurance testing; to provide technical support; and/or to provide other services to Sotira. These third party service providers are required not to use your Personal Data other than to provide the services requested by Sotira.

2. Corporate Restructuring. We may share some or all of your Personal Data with entities within our group of companies. We may also share some or all of your Personal Data in connection with or during negotiation of any merger, financing, acquisition or dissolution transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets. In the event of an insolvency, bankruptcy, or receivership, Personal Data may also be transferred as a business asset. If another company acquires our company, business, or assets, that company will possess the Personal Data collected by us and will assume the rights and obligations regarding your Personal Data as described in this Privacy Policy.

3. Other Disclosures. Regardless of any choices you make regarding your Personal Data (as described in Section 8 below), Sotira may disclose Personal Data if it believes in good faith that such disclosure is necessary (a) in connection with any legal investigation; (b) to comply with relevant laws or to respond to subpoenas or warrants served on Sotira; (c) to protect or defend the rights or property of Sotira or users of the Sotira Site; and/or (d) to investigate or assist in preventing any violation or potential violation of the law, this Privacy Policy, or our Terms of Use.

7. Third Party Websites. The Sotira Site may contain links to third party websites. When you click on a link to any other website or location, you will leave our Site and go to another site, and another entity may collect Personal Data or Anonymous Data from you. We have no control over, do not review, and cannot be responsible for, these outside websites or their content. Please be aware that the terms of this Privacy Policy do not apply to these outside websites or content, or to any collection of your Personal Data after you click on links to such outside websites. We encourage you to read the privacy policies of every website you visit. The links to third party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content or websites.

8. Your Choices Regarding Information. You have several choices regarding the use of information on the Sotira Site:

1. Email Communications. We may periodically send you free newsletters and promotional e-mails if you have indicated that you would like us to do so. When you receive newsletters or promotional communications from us, you may indicate a preference to stop receiving further communications from us and you will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the e-mail you receive or by contacting us directly (please see contact information above). Despite your indicated e-mail preferences, we may send you service related communications, including notices of any updates to our Terms of Use or Privacy Policy.

2. Cookies. If you decide at any time that you no longer wish to accept Cookies from the Sotira Site for any of the purposes described above, then you can instruct your browser, by changing its settings, to stop accepting Cookies or to prompt you before accepting a Cookie from the websites you visit. Consult your browser’s technical information. If you do not accept Cookies, however, you may not be able to use all portions, or all functionality, of the Sotira Site. If you have any questions about how to disable or modify Cookies, please let us know at the contact information provided above.

3. Changing or Deleting Your Personal Data. Personal Data submitted for document generation is deleted daily by an automated process. Personal Data submitted for other purposes will be retained for such period as may be required to fulfill the purposes set out in this Privacy Policy, or such other period as may be required by law. You may request deletion of your Personal Data by us, and we will use commercially reasonable efforts to honor your request, but please note that we may be required by law to keep such information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). When we delete any information, it will be deleted from the active database, but may remain in our archives. If you reside in the EEA, in the event that such Personal Data remains in our archives, Sotira will ensure that this data is put beyond use. If you reside in Singapore, we will take commercially reasonable efforts to ensure that your Personal Data in our possession or under our control is destroyed and/or anonymized as soon as it is reasonable to assume that (i) the purpose for which your Personal Data was collected is no longer being served by the retention of such Personal Data; and (ii)

4. Your Rights Regarding Your Personal Data.

1. If you reside in the UK or EEA, you have certain, you have certain rights regarding your Personal Data and may, in certain circumstances, ask us to take the following actions in relation to such data: 1. provide you with information about our processing of your Personal Data and give you access to such data. 2. update or correct inaccuracies in your Personal Data. 3. delete your Personal Data. 4. transfer a machine-readable copy of your Personal Data to you or a third party of your choice. 5. restrict the processing of your Personal Data. 6. object to our reliance on our legitimate interests as the basis of our processing of your Personal Data that impacts your rights.

2. If you reside in Singapore, you may request to access and/or correct your Personal Data currently in our possession by writing to us. Please note that we may charge you a reasonable fee for the handling and processing of your requests to access your Personal Data.

9. Changes to this Privacy Policy. This Privacy Policy may be updated from time to time for any reason. We will notify you of any changes to our Privacy Policy by posting the new Privacy Policy here and we will change the “Last Updated” date above. You should consult this Privacy Policy regularly for any changes.