1. Data Collection. Provider may collect data that Customer provides directly to Provider and data that is collected automatically when Customer uses Provider Services (See “Customer Data” in Section 1 of the Agreement).

1.1  Personal Information: When Customer uses Provider Services, Provider may collect Personal Information including, without limitation, names, email addresses, phone numbers, and payment details.

1.2  Usage Data: Provider may automatically collect data in connection with Customer’s interactions with Provider’s platform, including, without limitation, IP addresses, browser types, operating systems, and usage patterns.

1.3  Cookies and Tracking Technologies: Provider may use cookies and similar technologies to enhance Customer’s experience, analyze usage, and provide tailored content. 

2. Data Use. Provider may use Customer Data for the following purposes:

2.1  To Provide and Improve Services: To deliver, maintain, and enhance Services, and to develop new features and functionality.

2.2  To Communicate with Customer: To send Customer updates, notifications, and promotional materials related to Services. 

2.3  To Process Transactions: To process payments and manage billing-related activities.

2.4  To Ensure Security: To monitor and protect against unauthorized access, fraud, and other security threats.

3. Data Sharing. Provider will not sell or rent Customer Data to third parties. However, Provider may share Customer Data in the following circumstances:

3.1  With Subcontractors: Provider may share Customer Data with third-party vendors and service providers who assist Provider in performing its obligations under the Agreement.

3.2  For Legal Reasons: Provider may disclose Customer Data if required by law, in response to legal processes, or to protect Provider’s rights, privacy, safety, or property.

3.3  Business Transfers: In the event of a merger, acquisition, or other business reorganization, Customer Data may be transferred to the successor entity.

4. Data Security. Provider will implement appropriate technical and organizational measures to safeguard Customer Data against accidental or unauthorized loss, destruction, alteration, disclosure or access. However, no security system is impenetrable, and Provider cannot guarantee absolute security.

5. Data Retention. Subject to applicable legal retention obligations, upon termination of this Agreement, Provider will return to Customer or delete any Customer Data without keeping a copy, in accordance with the procedures and timeframes applied by Provider from time to time, and if requested, Provider will confirm such deletion to Customer in writing. 

6.         Data Breaches. Provider will inform Customer without undue delay after it becomes aware of any Data Breach in connection with the Processing of Customer Data under this policy, observing the following process:

1. Provider will investigate the Data Breach and take reasonable measures to identify its root cause(s) and, where such breach is caused by the Provider, take steps to prevent a recurrence;

2. as information is collected or otherwise becomes available, to the extent legally permitted, Provider will provide Customer with a description of the Data Breach, the type of the data to which the breach relates, and other information Customer may reasonably request concerning the affected data subject(s) where such information is available to Provider; and

3. the Parties agree to coordinate in good faith on developing the content of any related public statements or any required notices for the affected data subject(s) and/or the competent supervisory authorities.

7.         User Rights. Customer has the following rights regarding Personal Information:

7.1  Access and Correction: Customer may request access to or correction of Customer’s Personal Information.

7.2  Data Deletion: Customer may request the deletion of Customer’s Personal Information at any time, subject to certain legal obligations and exceptions.