Sobot Privacy Protection Policy

Date Last Updated: October 19, 2023

This Privacy Protection Policy(“Policy”) sets out the basis which Sobot Technologies PTE. LTD ( “Sobot”, “we”, “us”, or “our”) may collect, use, disclose or otherwise process Personal Data through our products and services in accordance with the Personal Data Protection Act of Singapore (“PDPA”) .

This Policy applies to all platform products and services provided by Sobot including but not limited to our website (domain name: https://www.sobot.io),mobile applications (Sobot Customer Service APP), desktop applications (Sobot Customer Service PC version, web version), and Sobot SDK. This Policy applies to Personal Data in our possession or under our control, including Personal Data in the possession of organisations which we have engaged to collect, use, disclose or process Personal Data for our purposes.

This Policy does not apply to the extent we process Personal Data in the role of a processor or service provider on behalf of our Customers (or their affiliates): (i) create their own websites and applications running on our platforms; (ii) send electronic communications to its Clients; or (iii) otherwise collect, use, share or process Personal Data via our Products and Services.

This Policy does not apply to products and services provided to you by any other third parties through the aforementioned website, apps and client software. We recommend that you review the personal information and privacy policies of such third parties before using their products and services to understand how they handle your information. You are solely responsible for all the consequences of providing or sharing your personal information with third parties when you use their products and services.

Please note that depending on the country where you are from, there may be certain country specific addendums that may apply to you that form an integral part of this Privacy Notice.

 

We may update this Policy from time to time in response to changing legal, technical or business developments. When we update the Policy, we will take appropriate measures to inform you (such as by posting an amended Policy via pop-up window) and may obtain your consent, consistent with the significance of the changes we make and as required by applicable law.

 

I.       Definitions

For purposes of this Policy, the terms have the following meanings:

Ÿ   “Personal data” means data, whether true or not, about an individual who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.

Ÿ   “Customer” means the company or other legal entity that intends to or has formed a business relationship with us.

Ÿ   “You” means the authorized persons representing a Customer.

Ÿ   “Client” means individuals to whom our customers provide services by using our products or services;

Ÿ   “Services” means the products and services that are ordered by You under an Order Form or online purchasing portal, or provided to You under a free trial, and made available online by Sobot. “Services” exclude Content and Non-Sobot Applications.

Other terms used in this Policy shall have the meanings given to them in the Terms of Services.

 

II.     How We Collect and Use Your Personal Data

We will collect and use Your Personal Data for the purposes of this Policy as follows:

1.     Account Registration

a.     Basic Account Services

To register an account with our Services, you will need to provide your contact name, mobile phone number and email address, as well as your company name, enterprise qualification certificate (a scanned copy of your business license etc.) and the password to be used. We may check your identity against the mobile phone number or email address you provide above. In order to log in to your Sobot Services account, you will need your email address and a login password.

 

To achieve basic customer service account function, you must authorize us to collect and use the following customer service information: email account, customer service ID, customer service nickname, real name and mobile phone number.

 

b.     Additional Account Services

For additional account management functions, you can choose to complete and store the following customer service information: avatar, customer service work number, fixed telephone number, QQ number, customer service role, call account number, external number, login time and update time.

 

We may provide your account information (avatar, nickname and other page prompts) to third parties with your consent to enable you to easily register for a third-party account or to log in directly with the third party for the purpose of account authorization. In addition, we may also obtain your third-party account information from third parties based on your consent and link to your Sobot Services account to enable you to log in and use our products and/or services directly with the third party. We will use your relevant information within the scope of your authorization.

 

2.     Performance of Services

When you use our Services, we may automatically collect and store the following information as web logs in order to identify network status and account exceptions, to understand the adaptability of our products and services and to provide you with services that better adapt your needs, including:

Ÿ   Equipment information: we will receive and record the necessary device and system information (including device identifier, Android ID, operating system type, system version, App package name, App version, device type, device manufacturer, device model, screen size, network type) that you use based on your specific actions during the installation and use of the software, and you will need to authorize device information permissions.

Ÿ   Service log information: when you use the Services, in order to count the usage of platform users and optimize our Services, we will automatically collect detailed information about your usage of our services and keep it as a service log, including the date and time of access, source URL, browsing history, search query, click to view, follow, browser and version, etc.

Please note that service log information and device information alone is information that does not identify a specific natural person. If we combine such non-personal information with other information to identify a specific natural person or use it in combination with Personal Data, such non-personal information will be regarded as Personal Data during the combined use and will be anonymized and de-identified unless authorized by you or otherwise required by law.

 

In order to send you notifications about your account and the content of our Services, we may send you messages via the mobile phone number or email address you provided when you registered. We may also send you product and/or service updates, management and other service notifications that we deem necessary to inform you of, such as via SMS, site notifications, etc.

 

We are committed to protect your using experience and once you have opted out of receiving content from us, you will need to unsubscribe via email or SMS or contact customer service. Please note that your cancellation of a service notification will directly result in you being unable to continue using that product or service.

 

3.     Customer service and dispute solution

If you have any comments or suggestions on the use of Sobot Services, or if you need to make a complaint or be given feedback, you can contact us using work orders, telephone or online customer service.

To protect the security of your account and our systems, we require you to provide the necessary Personal Data to verify your identity. We may keep a record of your communications, correspondence/calls and related content (including session content, account information, work order information, other information you provide to prove a fact, or contact information you leave behind) in order to contact you, help you resolve a problem as soon as possible or record the outcome of the problem. We will use your account information and work order information if you make an enquiry, complaint or provide advice in relation to a specific work order.

 

4.     Protect account security

In order to improve the security of Services provided by us and our partners, to protect you or the public from infringement of personal property, to better prevent phishing sites, fraud, network vulnerabilities, computer viruses, network attacks, network intrusion and other security risks, and to more accurately identify violations of laws and regulations or the rules of the relevant agreement of Sobot, we embed in the applications Security SDK which developed by us to collect your device information, service log information, and may use or integrate your registration information, device information, service log information and information that our partners obtain your authorization or share in accordance with the law to make a comprehensive determination of your account risk, conduct identity verification, detect and prevent security incidents, and take the necessary recording, auditing, analysis and disposal measures in accordance with the law.

 

We will obtain your prior consent if we use information for purposes other than those set out in this Policy, or if we use information collected for a specific purpose for other purposes, or if we obtain your Personal Data from a third party on our own initiative.

III.  Do Not Call Registries

The consent for Sobot to collect, keep and use Personal Data given under this Policy apply even if the relevant mobile numbers, contact or other Personal Data are listed with the Singapore Do-Not-Call registry (or any other similar registries or services), and override the DNC or similar listings. These consent apply to all dealings with Sobot, including those through mobile apps, Internet portals and any other electronic systems or properties. Sobot complies with all provisions regarding the DNC Registry under the PDPA.

IV.   Withdrawing Your Consent

The consent that you provide for the collection, use and disclosure of your Personal Data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop using and/or disclosing your Personal Data for any or all of the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided below.

 

Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within ten (10) business days of receiving it.

 

Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our Services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described above.

 

Please note that withdrawing consent does not affect our right to continue to collect, use and disclose Personal Data where such collection, use and disclose without consent is permitted or required under applicable laws.

V.     How We Use Cookies and Other Similar Technologies

Cookies and similar device information identification technologies are commonly used on the Internet and are small files that are stored by a web server on your computer, mobile phone or other smart device when you log on to a website or browse web content, usually containing an identifier, the name of the site and some numbers and characters. The website recognizes your browser by the cookie when you return to the respective website.

 

When you use our Services, we may collect your device model, operating system, device identifier, login IP address information, as well as cache your browsing information, and click information through cookies or similar technologies. Cookies allow us to identify you when you visit and may also be used to show you information or functions that may be of interest to you. Cookies also save you from having to repeatedly enter search content, account information and other steps. We promise that we will not use cookies for any purpose other than those described in this Policy.

 

You may manage or remove certain categories of tracking technology from cookies according to your preferences. Most browsers provide visitors with the function to clear the browser's cache data, and you may be able to clear the data accordingly, or you may be able to modify your acceptance of cookies or reject our cookies. You may not be able to use services or corresponding functions that rely on cookies because of these modifications.

 

VI.   How We Disclose Your Personal Data

We will not share your Personal Data to third parties without your consent. We may commission an authorized partner to process your Personal Data in order to authorize the partner to provide certain services or perform functions for you on our behalf. We will only commission them with your information for the lawful, legitimate, necessary, specific and explicit purposes stated in this Policy, and the authorized partner will only have access to the information required to perform its duties and will be required by agreement not to use this information for any other purposes beyond those commissioned to it. If an authorized partner uses your information for a purpose that we have not commissioned to them, they will obtain your consent separately.

Currently, we commission the following types of authorized partners:

Ÿ   Authorized partners in the advertising and analytics services category. We will commission these partners with the processing of information relating to the placement, reach and effectiveness of advertising, subject to the use of security technology common to the industry. We do not commission your personally identifiable information to our partners.

Ÿ   Suppliers, service providers and other partners. We commission the processing of information to suppliers, service providers and other partners who support our business, including data storage services commissioned by us, technical infrastructure services, analysis of how our services are used, measuring the effectiveness of advertising and services, providing customer service or conducting academic research and surveys.

 

To comply with applicable laws (including the PDPA) or respond to valid legal procedures (including where applicable those under the PDPA), Sobot may also disclose your Personal Data to law enforcement or other government agencies. If Sobot is involved in a restructuring, merger & acquisition, or a bankruptcy or liquidation lawsuit in a given jurisdiction, your Personal Data may be disclosed in connection with the transaction. Sobot may also disclose your data when appropriate, for example, to execute Terms of Services, when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, or when it is in connection with an investigation of suspected or actual illegal activity.

VII.How We Process Children’s Personal Data

Our Services are primarily intended for adults. A child must not create an account without the consent of a parent or guardian. If a child's Personal Data is collected with prior parental consent, we will only use or disclose the data as permitted by applicable law (including the PDPA), with the express consent of the child's parents or guardians, or when necessary for the protection of the child. If we accidentally collect a child's personal data without verified prior consent from the child's parents, we will attempt to delete the data as soon as possible.

VIII.     How We Protect Your Personal Data

We have taken reasonable and practicable security measures in accordance with industry standards to protect your information from unauthorized access, public disclosure, use, modification, damage or loss. We use encryption technology to enhance the security of Personal Data; we use trusted protection mechanisms to prevent malicious attacks on personal information; and we deploy access control mechanisms to ensure that only authorized personnel have access to personal information. Before we share your Personal Data with our partners, we strictly require our partners to undertake data protection obligations and responsibilities. To this end, we will require our partners to sign a data processing agreement or include provisions on data protection in the cooperation agreement signed by both parties prior to the cooperation. The agreement strictly stipulates the partner's obligation to keep user information confidential, including the storage, use and flow of information, which shall meet our control requirements and be subject to our review, supervision and audit, and in case of any breach, we will require the other party to bear the corresponding legal responsibility.

 

Please note, however, the Internet is not an absolutely secure environment and we strongly recommend that you do not use communication methods other than those recommended by Sobot when using Sobot services to send your information and that you use complex passwords to help us protect the security of your account.

 

We will act in accordance with our data breach response plan in the event that a suspected data breach has occurred. Where we have determined that a data breach has occurred, we will notify the local data privacy regulator and affected data subject(s) in accordance with law. If you notice that your Personal Data has been breached and/or compromised, you may contact us through the channel we provide in this Policy.

IX.   How you Manage Your Personal Data

Ÿ  

  • Access to your Personal Data

You have the right to access your Personal Data, if you want to exercise your right to access data, you can access it by yourself in the following ways: you as the account administrator can check the customer service information under the current account by clicking on personal information in the intelligent customer service system, and check other customer service information in the customer service list under the customer service management module, including customer service ID, customer service nickname, avatar, real name, customer service work number, mobile number, phone number, social media number, customer service role, call number and external number.

 

Ÿ  

  • Correction of your Personal Data

When you wish to change your Personal Data, you can do it directly in the intelligent customer service system in Personal Information under that account, and you can change the information under the current account as well as other accounts in the customer service list.

 

Ÿ  

  • Deletion of Personal Data or account cancellation

If you wish to completely delete your Personal Data or cancel your registered account, you can send a written request to the following email address: Privacy@sobot.io and our dedicated staff responsible for Personal Data protection will promptly process it and provide you with feedback on the outcome within 15 working days.

 

Ÿ  

  • Access to copies of Personal Data

You have the right to obtain a copy of your personal information, which you can do yourself by: you can export your customer service information from your customer service list in the customer service manager of the new version of the intelligent customer service system.

X.     How We Store and Transfer Personal Data Globally

We may retain your Personal Data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.

 

We will cease to retain your Personal Data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the Personal Data was collected, or is no longer necessary for legal or business purposes, or you withdraw your consent.

 

For providing the Services you request, your personal data may be transferred to other countries (including countries outside where you reside in) to our affiliates or third-party service providers .For example, according to your region or needs, your Personal Data may be transferred outside the country where you reside in and be stored in our proprietary servers in Singapore or the United States. Please note that these countries may apply different data protection standards that differ from those where you reside. We will take appropriate steps to ensure that your Personal Data continues to ensure an adequate level of data protection even if your personal data is transferred to these countries..

 

XI.   How to Contact Us

If you have any questions, comments or suggestions regarding this Privacy Protection Policy, contact us at:

 

Ÿ   Send personal information protection email to: Privacy@sobot.io

 

Ÿ   Mail the letter to: [112 ROBINSON ROAD, #03-01, ROBINSON 112, Singapore 068902 ], addressee: DPO

 

We will complete the identification and response process within 10 working days after receiving your comments and suggestions. If we are unable to respond to your request, we will send you a notice with an explanation of why within the maximum time required by law.

 

If you are not satisfied with our response, or if our handling of your Personal Data infringes your legitimate rights and interests, and we are unable to provide you with a satisfactory response and refuse to improve after your feedback to us, you may file a complaint and report to the relevant regulatory department.

 

We would like to notice you again that please read this Privacy Policy carefully. By clicking the "Register"/"Login" button, you are deemed to have fully accepted all the contents of this Privacy Policy. Before clicking, please reconfirm that you have known and fully understood the entire contents of this Privacy Policy.

 

Additional Notice for EEA Customers

I.       European Economic Area Customers and our “lawful bases” for using your data

The General Data Protection Regulations (“GDPR”) requires organisations like us to provide a lawful basis on the collection and use of your Personal Data. Our lawful basis to collect and use information from our EEA users include when:

1.      To comply with statutory obligations: When ensuring compliance with applicable laws and regulations, Sobot may process your Personal Data based on:

   GDPR Article 6.I (c) if necessary, to fulfill legal requirements under European Union or EU Member State law to which Sobot is subject;

   GDPR Article 6.I (f) if necessary, to fulfill laws and regulations extraterritorial to the EU (legitimate interest to comply with extraterritorial laws and regulations);

   Or the equivalent articles under other national laws, when applicable.

2.      To pursue business relationships with customers, partners, and others: When pursuing business relationships with customers, partners and others, Sobot may be processing Personal Data based on:

   GDPR Article 6.I (b) if necessary, to fulfill (pre-)contractual obligations with you;

   GDPR Article 6.I (c) if necessary, to fulfill legal requirements applicable to Sobot;

   GDPR Article 6.I (f) if the contract or pre-contractual relation relates to a company or other legal body and if Sobot processes your Personal Data as customer contact to fulfill (pre-) contractual obligations with your employer (legitimate interest to efficiently perform or manage Sobot’s business operation);

   GDPR Article 6.I (f) if necessary, to maintain our business relationships with our customers, ensure your satisfaction as a customer representative, and provide you with information about other Sobot products and services as indicated by your interest or demand (legitimate interest to operate sustainable business relationship with Sobot customers and partners);

   Or a legal permission under other national laws equivalent to any of the above, when applicable.

3.      To operate Sobot internet pages, web-offerings, or other online events: When operating our websites and depending on the respective operating purpose, Sobot is processing your Personal Data on the basis of the following legal permissions:

   GDPR Article 6.I (b) and (f) to provide the web-services and functions, create and administer your online account, updating, securing, troubleshooting the service, providing support, improving, and developing the web-services, answering and fulfilling your requests or instructions, (legitimate interest to efficiently perform or manage Sobot’s business operation);

   GDPR Article 6.I (c) and (f) to manage and ensure the security of our web-services and prevent and detect security threats, fraud or other criminal or malicious activities and as reasonably necessary to enforce the web-services terms, to establish or preserve a legal claim or defense, to prevent fraud or other illegal activities, including attacks on our information technology systems (legitimate interest to efficiently perform or manage Sobot’s business operation and assert or defend itself against legal claims);

   GDPR Article 6.I (a) if it is necessary that we ask you for your consent to process your Personal Data;

   Or equivalent legal permissions under other relevant national laws, when applicable.

4.      To use Cookies and similar tracking technologies: When tracking and evaluating the usage behavior of users of our web-services by means of cookies or similar technologies, Sobot is processing your Personal Data on the basis of the following legal permissions:

   GDPR Article 6.I (a) if it is necessary that we ask you for your consent to process your Personal Data;

   GDPR Article 6.I (b) if necessary to fulfill (pre-)contractual obligations with you;

   GDPR Article 6.I (f) if necessary to fulfill (pre-)contractual obligations with the company or other legal body you represent as a customer contact (legitimate interest to efficiently perform or manage Sobot’s business operation);

   Or equivalent legal permissions under other relevant national laws, when applicable.

5.      To offer Sobot products and services: When engaging in marketing activities, Sobot is processing your Personal Data on the basis of the following legal permissions:

   GDPR Article 6.I (a) if your consent is required by law for Sobot to process your data for this purpose;

   GDPR Article 6.I (f) if necessary to fulfill (pre-)contractual obligations with the company or other legal body you represent as a customer contact (legitimate interest to efficiently perform or manage Sobot’s business operation), to maintain our business relationships with you or your employer, to ensure your satisfaction as a user or customer contact, to map the relevant group internal structures and bundle relevant business activities at central sources within the Sobot to operate them uniformly and to provide you with information about other Sobot products and services as indicated by your interest or demand, which may also comprise the combination about you from different sources (profiling) (legitimate interest to maintain and operate intelligent and sustainable business processes in a group structure optimized for the division of labor and in the best interest of our employees, customers, partners, and shareholders and to operate sustainable business relationship with Sobot customers and partners). Sobot may provide you with this information to your postal address to pursue our legitimate interest to address customers, prospects and targets for the purpose of advertising our products and services, to your email address for the purpose of direct marketing of similar products or services provided that we (i) received your email address in connection with the purchase of our products or services, (ii) you did not object to the use of your email address for direct advertising and (iii) and we inform you in every approach that you may object to our use of your email address for marketing purposes at any time, and by other electronic means (e.g., telephone, MMS) to the extent permitted under applicable law, generally either explicit or presumed consent;

   Or equivalent legal permissions under other relevant national laws, when applicable.

6.      Improve our services provided to you: We may carry out algorithm training, such as optimize the functions of Chatbot and emotion analysis, enrich the internal knowledge base for Chatbot. Sobot is processing your Personal Data on the basis of the following legal permissions:

   GDPR Article 6.I (a) if your consent is required by law for Sobot to process your data for this purpose;

   GDPR Article 6.I (f) if necessary to fulfill (pre-)contractual obligations with the company or other legal body you represent as a customer contact (legitimate interest to efficiently perform or manage Sobot’s business operation);

   Or equivalent legal permissions under other relevant national laws, when applicable.

7.      Provide service maintenance, such as updating our products and services: Sobot is processing your Personal Data on the basis of the following legal permissions:

   GDPR Article 6.I (a) if it is necessary that we ask you for your consent to process your Personal Data;

   GDPR Article 6.I (b) if necessary to fulfill (pre-)contractual obligations with you;

   GDPR Article 6.I (f) if necessary to fulfill (pre-)contractual obligations with the company or other legal body you represent as a customer contact (legitimate interest to efficiently perform or manage Sobot’s business operation);

   Or equivalent legal permissions under other relevant national laws, when applicable.

8.      For identification and verification purposes in connection with any of the products and/or services that may be supplied to you by us or that you may request from us: Sobot is processing your Personal Data on the basis of the following legal permissions:

   GDPR Article 6.I (a) if it is necessary that we ask you for your consent to process your Personal Data;

   GDPR Article 6.I (b) if necessary to fulfill (pre-)contractual obligations with you;

   GDPR Article 6.I (c) if necessary, to fulfill legal requirements under European Union or EU Member State law to which Sobot is subject;

   GDPR Article 6.I (f) if necessary to fulfill (pre-)contractual obligations with the company or other legal body you represent as a customer contact (legitimate interest to efficiently perform or manage Sobot’s business operation);

   Or equivalent legal permissions under other relevant national laws, when applicable.

9.      Responding to, handling, and processing queries, requests, applications, complaints, and feedback from you: Sobot is processing your Personal Data on the basis of the following legal permissions:

   GDPR Article 6.I (a) if it is necessary that we ask you for your consent to process your Personal Data;

   GDPR Article 6.I (b) if necessary to fulfill (pre-)contractual obligations with you;

   GDPR Article 6.I (c) if necessary, to fulfill legal requirements under European Union or EU Member State law to which Sobot is subject;

   GDPR Article 6.I (f) if necessary to fulfill (pre-)contractual obligations with the company or other legal body you represent as a customer contact (legitimate interest to efficiently perform or manage Sobot’s business operation);

   Or equivalent legal permissions under other relevant national laws, when applicable.

 

II.     RETENTION OF PERSONAL DATA

We store your information until it is no longer necessary to provide the services or otherwise relevant for the purposes for which it was collected. This time period may vary depending on the type of information and the services used, as detailed below. After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible. We may also retain aggregate information beyond this time for research purposes and to help us develop and improve our services. You cannot be identified from anonymized information retained or used for these purposes.

  Identity and account information. We store your identity and account information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the services. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our services.

  Information about the order placed through our websites. We retain your order information as necessary to provide products and services to you, to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our services.

  Marketing information, cookies and web beacons. If you have elected to receive marketing messages from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our services, such as when you last opened an e-mail from us or visited our websites. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.

  Device and service log information. We collect device-specific information from you when we have provided end user equipment to you or you have installed our software on your device. If you do not revoke our access to this information via the privacy settings on your device, we will retain this information for as long as your account is active.

 

III.  INTERNATIONAL TRANSFERS

Personal data is stored on and processed by us and our service providers at destinations outside the EEA that may not be subject to equivalent data protection laws, for customer care, account management and service provisioning. When you visit our websites, sign up for services with us or inquire about our services, we transfer your information to countries or regions outside EEA as necessary to perform our agreement with you or to respond to an inquiry you make. It may also be processed by staff situated outside the EEA who work for us or for one of our suppliers.

Accordingly, by using our products and services, you authorize the transfer of your information to countries or regions outside EEA, where we are based and to its (and their) storage and use as specified in this Notice, its Appendix and any applicable terms of service or other agreement between you and us. In some cases, we may seek specific consent for the use or transfer of your information overseas at the time of collection. If you do not consent, we may be unable to provide you with the services you requested.

 

Where your information is transferred outside the EEA, we will take all steps reasonably necessary to ensure that your data is subject to appropriate safeguards, such as relying on a recognized legal adequacy mechanism, and that it is treated securely and in accordance with this Notice and its Appendix.

   International transfers within Sobot and its corporate affiliates. To facilitate our global operations, we transfer information among our corporate affiliates in countries whose privacy and data protection laws may not be as robust as the laws of the countries where our customers and users are based. We utilize standard contractual clauses approved by the European Commission for data transfers from the EEA to other regions or countries..

   International transfers to third parties. Some of the third parties described in this Notice, which provide services to us under contract, are based in other countries that may not have equivalent privacy and data protection laws to the country in which you reside. When we share information of users in the EEA with such third parties, we shall make use of legally-recognized data transfer mechanisms, which may include the European Commission’s standard contractual clauses, binding corporate rules for transfers to data processors, or other appropriate legal mechanisms to safeguard the transfer.

 

IV.   ADDITIONAL RIGHTS FOR EEA USERS

If you are from the EEA, you may have broader or additional rights, including:

   To be provided with a copy of your Personal Data held by us;

   To request the rectification or erasure of your Personal Data held by us;

   To request that we restrict the processing of your Personal Data (while we verify or investigate your concerns with this information, for example);

   To object to the further processing of your Personal Data, including the right to object to marketing and profiling; and

   To request that your provided Personal Data be moved to a third party.

You can exercise the rights listed above at any time by contacting us and if you feel that your request or concern has not been satisfactorily resolved, or our response is not provided within a reasonable time, you may approach your local data protection authority.