Your Personal Data

Personal data refers to identifying information that relates to an individual. Identification can be by the data alone or in conjunction with any other data in the data controller's possession or likely to come into such possession. Doctor A Security collects information only to provide you with the Services that you opted into. In order to provide you with our products or Services, including responding to your inquiries, we may ask for your personal information. If you choose not to provide the requested information, we may be unable to deliver the desired Services. Most of Doctor A Security's Services are provided under a Doctor A Security Account, and if you no longer require the Service or wish to have your data removed, you may delete your Doctor A Security Account.

In general, Doctor A Security collects personal data from you via mail, email, telephone, or via our cookies for the purpose of delivering our Services to you, details of which are further set forth in the "Services" section of this policy, to operate our websites to provide you access to and use of our websites and Services, to administer your use of our Services, to communicate with you and respond to your requests, to manage your account, to customize your Service experience with us, to improve our Services and products, to provide you with our online or offline marketing measures and activities, including but not limited to newsletters, online and live event registrations, and other promotional information and materials, to share your contact details with our subsidiaries, affiliates, authorized repair and support centers, authorized logistics companies, communications infrastructure, and other entities deemed necessary to carry out providing these Services to you, to share your contact details with our affiliate offices around the world within our group of companies for the purposes of internal administration and back-office support, to ensure our network security, and to prevent fraud, to enforce or defend our policies or contract with you, and to maintain the integrity and safety of our data technology systems that store and process your personal data.

• Email Address Your e-mail address, which is used as identification for our services and as the primary communication method.

• Name & Address Your name, address, phone number, and additional contact information are used to provide registration, device shipping, and billing verification services.

• Payment Data Your payment method and financial data (credit card, bank account number, etc.), which is used for payment transactions for a service or product, logistics and billing data (such as customs ID and tracking number).

• Login account Your account login, account name, account number, password, account activity, files accessed or used by you, transaction data and any information you provide during a transaction, or other transaction-based content that you generate or connected to your account as a result of your transaction.

• Chat & Service History Your chat and service history with us, and any other information you may provide us when you interact with us.

• Others Other information that you provide to us through digital or physical means may be stored on a case-by-case basis depending on the reason it was provided.

Lawful Bases and Other Usage

The lawful bases for Doctor A Security to process your personal data for the various types of processing performed on your personal data are, as applicable, processing based on your consent, as necessary for us to enter into and to perform our contract with you, or in certain circumstances, as necessary for Doctor A Security to pursue our "legitimate interests", where our interests are not outweighed by your rights and freedoms.

"Legitimate interest" situations necessitating such actions may include the following: to protect you, us, or others from security threats, to comply with laws we are subjected to, to implement information sharing within Doctor A Security's group affiliates, to prevent fraud, misuse of company IT systems, to operate a whistleblowing scheme, for purposes of mergers and acquisitions, and to perform internal investigations and auditing.

Doctor A Security will collect, process, and use the personal data supplied by you only for the purposes communicated to you and will not disclose your data to third parties except under the lawful bases set forth above. Doctor A Security does not share your personal information with third parties for the purpose of direct marketing.

You are not under any obligation to provide us any of your personal data. However, please note that without certain data from you, we may not able to undertake some or all of our obligations to you under our contract with you, or adequately provide you with our full range of services. If you would like to obtain more detail about this, please contact us following the instructions in the "Contact Information" section below.

Period of Storage

Doctor A Security keeps your personal data for no longer than reasonably necessary for the given purpose for which your data is processed. If you will provide us, or have provided us, consent for us to process your data, we will process your data for no longer than your consent is effective. Notwithstanding the above, we may retain your personal data as required by applicable laws and regulations, as necessary to assist with any government and judicial investigations, to initiate or defend legal claims or for the purpose of civil, criminal, or administrative proceedings. If none of the above grounds for us to keep your data apply, we will delete and dispose of your data in a secure manner.

Data Controllers, Contracting Parties, Transfer of Data

We use the term "Designated Countries" to refer to countries that are in the European Union (EU), European Economic Area (EEA), and Switzerland. If you reside in Designated Countries, Doctor A Security Systems (HK) Limited will be the controller of your personal data. Doctor A Security would be responsible for collecting, and processing data per our services, which will be covered by the Terms of Service of the relevant service.

For users residing outside of Designated Countries, Doctor A Security Systems (HK) Limited, ("Doctor A Security") will be the controller of your personal data. Your usage of services provided by Doctor A Security will be bound by the Terms of Service of the relevant service.

Doctor A Security's Services include providing technical support, device replacement, payment services, event registration, as well as the transfer of data based on users' decisions, around the world. The nature of these Services requires us to be able to transfer data into and out of the European Union (EU) to Doctor A Security subsidiaries, affiliates, authorized repair and support centers, authorized logistics companies, communications infrastructure, and other entities deemed necessary to carry out providing these Services. We may also transfer your data to third-party service providers whom we subcontract to work on our behalf or for us and therefore may have access to the data only for purposes of performing these tasks on our behalf and under obligations similar to those described in this Privacy Statement, who perform functions such as data processing, auditing, order fulfillment, managing and enhancing customer data, providing customer service, conducting customer research or satisfaction surveys, marketing support, payment processing and invoice collection support, informational systems technical support, to help us provide, analyze, and improve our Services and to assist us in detecting and dealing with data breaches, illegal activities, and fraud. We may also share your personal data with governments and/or government-affiliated institutions, courts, or law enforcement agencies, to comply with our obligations under relevant laws and regulations, enforce or defend our policies or contract with you, respond to claims, or in response to a verified request relating to a government or criminal investigation; provided that, if any law enforcement agency requests your data, we will attempt to redirect the law enforcement agency to request that data directly from you, and in such event, we may provide your basic contact information to the law enforcement agency. We may also provide your data to third parties involved in a legal proceeding, if they provide us with a court order or substantially similar legal procedure requiring us to do so. The above parties are the recipients of your personal data. Doctor A Security safeguards EU personal data when transferred out by adopting European Commission-approved Standard Contractual Clauses as a legal mechanism for data transfers to locations the European Commission have not deemed to have an adequate level of data protection.

Your Rights to your Personal Data

Doctor A Security's services are generally provided on an opt-in basis, with required and collected information differing on a per service basis. Unless subject to an exemption, you will have the following rights with respect to your personal data:

• The right to delete data You can ask us to delete data for which we no longer need in order to provide service to you.

• The right to correct or change data You can modify your contact information through your Doctor A Security Account. You can also ask us to change, update, or fix data that are incorrectly presented and unable to be changed by yourself.

• The right to object You can object to the usage of some or all of your personal data which is based on legitimate interests pursued by Doctor A Security.

• The right to restrict use of data You can ask us to stop or limit the usage of some or all of your personal data that we no longer need, in order to provide service to you, or have legal rights to retain.

• The right of access You may request a copy of your personal data that we have at the time.

• The right of portability You may request us to transmit your personal data directly to another data controller, where the processing is based on your consent or is necessary for the performance of a contract with you, and in either case, we process the data by automated means.

You may make these requests by submitting a request through your Doctor A Security Account or through our website. Upon receipt, we will evaluate your request and inform you how we intend to proceed. Under certain circumstances, and according to applicable European Union or European Union state laws and regulations, we may withhold access to your data, or decline to modify, erase, port, or restrict the processing of your data. Doctor A Security will respond to your request within thirty days after receiving it. Please be advised that if you exercise the rights to erase data, restrict, or object to our processing, or to withdraw your consent, we may not be able to continue our Services to you if the necessary data is missing for processing.

If you are a resident of one of the Designated Countries, you have the right to file a complaint with the competent authority where you reside or in which your data is processed. In case of disagreements relating to Doctor A Security’s processing of your personal data, you can submit a request for administrative action to the data protection supervisory authority with the competent authority where you reside or in which your data is processed. Please click here for a list of local data protection authorities in EEA countries: https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.

Changes to Statement

Doctor A Security may make amendments to this document when needed to reflect statement updates, customer feedback, as well as new products or services. We will provide a brief overview of the changes, and if the terms modify the way we process or handle your data or affect your rights, we will notify you through direct message or by posting notices if we are unable to directly reach you. We encourage that you regularly review this Privacy Statement to understand how your data is handled.

Data from Children

Doctor A Security's products and services are targeted at professionals and are not designed nor intended to be used by children under 18 years of age. Doctor A Security does not typically collect date of birth information as it is not used by Doctor A Security. If children under the minimum age of the relevant jurisdiction must use Doctor A Security's products and services, explicit parental consent must be provided and verified. If Doctor A Security is notified or discovers that data collected is from a child under the minimum age, we will take procedures to delete the information as soon as possible.

Do Not Track

Doctor A Security does not track users to provide targeted advertising and therefore will not respond to Do Not Track (DNT) signals.

Contact Information

You can directly contact us through your Doctor A Security Account, or by submitting a form on our website for privacy related questions or concerns. If you are unable to resolve the issue, you have options to exercise your rights as detailed in the previous Your Rights to your Personal Data section. Doctor A Security will respond to your requests within thirty days after receiving it. You may also contact Doctor A Security through the following addresses. For users residing in "Designated Countries" & for users residing in all other regions: Doctor A Security Systems (HK) Limited. Attn: Data Protection, Unit 3, 8/F Megacube, 8 Wang Kwong Road, Kowloon Bay, Kowloon, HONG KONG. Tel: +852 2342-4330.