RENNDAAR TECHNOLOGY LTD PRIVACY POLICY

1. INTRODUCTION

a. Welcome to Renndaar Technology Ltd and its affiliates (together referred to as ("Company", “we,” “our,” or “us”). Our Mobile Application (Renndaar) offers basic information about our products and services as we are committed to protecting your privacy. This Privacy Policy explains how your personal information is collected and used by Renndaar Technology Ltd.

b. This Privacy Policy applies to our Mobile Application and services available therein, (collectively, our “Services”) and to all forms of systems, operations, and processes within our environment that involve the collection, storage, use, transmission, and disposal of Personal Information. By accessing or using our Services, you signify that you have read, understood, and agree to our collection, storage, use, and disclosure of your personal information as described in this Privacy Policy and our Terms of Use.

c. This Privacy Policy is strictly restricted to our Services and therefore does not apply to services that are not owned or controlled by us, including third- party Mobile Applications. We are committed to handling all Personal Information provided to us in compliance with both applicable and model data protection and privacy laws.

2. DEFINITION AND INTERPRETATION

a. To ensure that you understand the terms used within this Privacy Policy, these terms are referenced and defined below:

i. “Cookie” is a small text file that is sent to and stored in the browser directories of your device (smartphone or PC).

ii. “Company”, “we,” “us,” or “our” means Renndaar Technology Ltd and any person or legal entity to whom the rights and/or obligations of Renndaar Technology Ltd have been assigned.

iii. “Content” means the Service and any content, materials, graphics, audiovisual files, processes and code, features, functionality, and products available on our Mobile Application.

iv. “Device” means any device connected to the internet that a person (natural or legal) used to access our Mobile Application, mobile application, and services. It could be a phone, tablet, computer, or any other device capable of connecting to the internet and accessing our services.

v. “Product” refers to Renndaar, an innovative financial well-being product designed primarily for African employees and employers.

vi. “Personal information” means any information that belongs to any identifiable living individual. Such information includes (such as name, telephone number, address, PIN, email address, Bank Verification number, etc.) of individuals making them easily identifiable.

vii. “PIN” means Personal Identification Number.

viii. “Policy” means this Privacy Policy.

ix. “Services” means our Mobile Application, services, products, and user experiences offered through our Mobile Application.

x. “User” or “You” or “Customer” “Your” means any person including entities that access our Services through any of our Platforms. This includes both current and past registered users and any and all other persons who in one way or another interact with our Services.

xi. “Country” means Nigeria.

3. CONSENT

a. By using our Services in any manner, you confirm to us that you have read and accepted this Policy and consent to the data practices described in this Policy. If you do not intend to accept this Policy or do not meet or comply with the provisions set forth herein, immediately exit the use of our Services.

4. INFORMATION WE COLLECT

a. Personal Information
i. We collect personal information that you voluntarily provide to us when you register to access our Services, express an interest in obtaining information about us or our Services, or when you contact us.

ii. We collect and process certain types of information such as your: name, telephone number, address, National Identification Number (NIN), PIN, email address, usernames, passwords, contact preferences, contact or authentication data, emergency contact, etc. of our users that makes them easily identifiable. These users include both current and past registered users, any and all other persons that in one way or the other interact with our Services (“users”), and other individuals whom we communicate or deal with.

iii. We also collect anonymous information that may be linked to you specifically such as your IP address, browser, device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information.

b. Payment Data i. We may collect data necessary to process payments you make for the use of our Services or purchase of products available on our Mobile Application such as your payment instrument information. All payment data is stored by our third-party payment processor and as such, you are advised to review their Privacy Policy and other relevant policies.

c. Cookies i. We use cookies to identify you as a user and make your user experience easier, customize our Mobile Application, content, and advertisements, and where applicable help you ensure that your account security is not compromised. We also use cookies to mitigate risk and prevent fraud, promote trust and safety on our Mobile Application. Cookies allow our servers to remember IP addresses, date and time of visits, monitor web traffic, and prevent illegal activities perpetuating through our Services. Our cookies do not store personal or sensitive information. They simply hold a unique random reference to you so that once you visit our Mobile Application, we can recognize who you are and provide certain content to you. If your browser or browser add-on permits, you have the choice to disable cookies on our Mobile Application, however, this may impact your experience while accessing and using our Services.

d. Log and Usage Data i. Log and usage data are service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type, browser settings, and information about your activity on our Mobile Application (such as the date/time stamps associated with your usage, pages, and files viewed, searches, and other actions you take such as which features you use), device event information (such as system activity, error reports sometimes called "crash dumps", and hardware settings).

e. Device Data i. We collect device data such as information about your computer, phone, tablet, or other device you use to access our Services. Depending on the device used, this device data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, Internet service provider and mobile carrier, operating system, and system configuration information.

f. Location Data i. We collect location data such as information about your device's location. How much information we collect depends on the type and settings of the device you use to access our Services. For example, we may use GPS and other technologies to collect geolocation data that tells us your current location (based on your IP address). You can opt out of allowing us to collect this information either by refusing access to the information or by disabling your location setting on your device. However, if you choose to opt-out, you may not be able to use certain aspects of our Services.

5. PURPOSE LIMITATION a. We collect personal information only for certain identified purposes and for which consent has been obtained. Such personal information cannot be reused for another purpose that is incompatible with the original purpose unless we obtain your consent for such use.

6. DATA MINIMIZATION a. We limit data collection and usage to information that is relevant, adequate, and absolutely necessary for carrying out the purpose for which the data is processed. We will evaluate to what extent the necessity of processing your data is required and where the purpose allows, anonymized data will be used.

7. WHY WE COLLECT YOUR INFORMATION

a. We use your personal information to do the following:

i. Provide you with the required services;

ii. Create and manage your user profiles;

iii. Personalize the Services, i.e. identifying your interests and recommending offers that might be of interest to you;

iv. Respond to your questions or requests;

v. Improve features, and Mobile Application content and analyze data to develop our Services;

vi. Address inappropriate use of our Services;

vii. Prevent, detect, and manage risk against misinformation, wrong use, fraudulent and illegal activities using internal and third-party screening tools;

viii. Send you marketing content, newsletters, and service updates curated by us, however, we will provide you with an option to unsubscribe if you do not want to hear from us;

ix. Verify your identity and the information you provide in line with our statutory obligations using internal and third-party tools;

x. Maintain up-to-date records;

xi. Carry out troubleshooting, data analysis, testing, and for statistical purposes;

xii. Resolve disputes that may arise, including investigations by law enforcement or regulatory bodies, and for any other purpose that we disclose to you while providing our Services to you.

8. LEGAL BASIS WE RELY ON TO PROCESS YOUR INFORMATION

a. We only process your personal information when we have a valid legal reason (i.e legally basis) to do so under applicable laws, e.g. with your consent, to comply with these laws, to provide you with our Services, to enter into and/or fulfill our contractual obligations, to protect your rights, or to fulfil our legitimate business interests.

b. We may rely on the following legal basis to process your personal information:

i. Consent- We may process your information if you have given us permission (i.e. consent) to use your personal information for a specific purpose. You can withdraw your consent at any time by notifying us.

ii. Legal Obligations- We may process your information where we believe it is necessary for compliance with our legal obligations, such as but not limited to: Cooperating with a law enforcement body or regulatory agency, complying with relevant regulations and policies that apply to our Services and Company businesses.

iii. Exercising or defending our legal rights, or disclosing your information as evidence in a competent court, or tribunal, or in compliance during an investigation (internal or external), compliance with any court and/or tribunal order, or compliance with relevant regulatory and government authorities (both local and international bodies).

iv. Vital Interests - We may process your information where we believe it is necessary to protect your vital interests or the vital interests of our users, such as situations involving potential threats to the safety of our users.

9. HOW WE SHARE YOUR PERSONAL INFORMATION

a. In the course of providing our Services to you, we may engage the Services of third parties to process your personal information. The processing by such third parties shall be governed by a written contract with us to ensure adequate protection and security measures are put in place by the third party for the protection of your personal information in accordance with the terms of this Privacy Policy.

b. We do not sell or trade personal information with third parties. However, to enable us to render our Services to you, we may share your information with trusted third parties. We may disclose your personal information in compliance with applicable law or a legal obligation to which we are bound. Please note that third-party sites you engage with through our Services will have their privacy policies, and we are therefore not responsible for their actions, including their information protection practices. The use of your information by such third parties will be subject to their applicable Privacy Policy, which you should carefully review.

c. We may be required to retain or disclose personal information in order to:

i. Comply with applicable laws and regulations;

ii. Comply with a court and/or tribunal order, subpoena, or other legal processes; Comply with an investigation (internal or external);

iii. Respond to a lawful request by a government authority, law enforcement agency, or similar government body (whether situated in our user jurisdiction or elsewhere);

iv. Engage with third-party service providers and/or subcontractors who provide services for the Company's business operations, a list of which can be received upon request.

10. DATA RETENTION

a. We will retain your Personal Information for as long as is needed to provide our Services to you, comply with our legal and statutory obligations, or verify your information with the required verification authorities. Therefore, even after your discontinuance of our Services, We will retain certain personal information and data to comply with our legal and regulatory obligations. All Personal Information shall be destroyed by us where we have satisfied the legal retention timeframe.

b. For all Personal Information and records obtained, used, and stored by us, We shall perform periodical reviews of the data retained to confirm the accuracy, purpose, validity, and requirement to retain. The length of storage of your Personal Information shall, amongst other things, be determined by the following:

i. The contract terms agreed between us or as long as it is needed for the purpose for which it was obtained;

ii. Whether the transaction or relationship has statutory implication or a required retention period;

iii. Whether there is an express request for deletion of the Personal Information by you, provided that such request will only be treated where you are not under any investigation which may require us to retain such Personal Information or there is no subsisting contractual arrangement with you that would require the processing of the Personal Information;

iv. Whether We have another lawful basis for retaining that information beyond the period for which it is necessary to serve the original purpose.

c. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

11. HOW DO WE KEEP YOUR INFORMATION

a. We shall continually put in place mechanisms to protect the integrity and confidentiality of your personal information, both in digital and physical format and to prevent your personal information from being accidentally or deliberately compromised. We are committed to managing your personal information in line with global industry best practices. We protect your personal information using technical and organizational measures to reduce the risks of loss, misuse, unauthorized access, disclosure, and alteration.

b. We also use industry-recommended security protocols to safeguard your personal information. Other security safeguards include but are not limited to: data encryption, firewalls, and physical access controls to our building, files, cloud storage, and granting access to your personal information to only our employees who require it to fulfil their job responsibilities. No personal information processing will be undertaken by our employee who has not been authorised to carry out such as part of their legitimate duties.

12. PRIVACY RIGHTS

a. Once your personal information is held by us, you are entitled to reach out to us to exercise the following rights:

i. Request a rectification and modification of your personal information which we keep;

ii. Request the movement of your data from us to a third party (this is the right to portability of data);

iii. Object to and request that we restrict the processing of your personal information. We shall inform you of the effect of such restrictions and how they will affect our Services to you. Your request will be reviewed by us and carried out except as restricted by law or our statutory obligations. You may review and update your personal information directly on our Mobile Application, or product or by contacting us via email.

iv. Opt out of receiving newsletters and other non-essential messages by using the unsubscribe link included in all such messages. However, you will continue to receive notices and essential transactional emails;

v. Disable browser cookies before visiting our Mobile Application. However, if you do so, you may not be able to use certain features of the Mobile Application properly;

vi. Request access to the personal information we collect from you, change that information, or delete it.

b. To request for a review, update, or deletion of your personal information, please send us an email on hello@renndaar.com

13. DO-NOT-TRACK FEATURES

a. Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or settings which you can activate to signal your privacy preference not to retain data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Policy.

14. AGE RESTRICTION

a. Our Services are directed to persons from the ages of 18 years and above. If you are below the age of 18 you must obtain the consent of your parent or guardian to use our Services. If we become aware that a child (“minor”) under 18 years has provided us with personal information, we will take steps to delete such information and shall NOT be held liable for the actions of minors who access our Services.

b. If as a parent or guardian, you become aware that your child or ward has provided us with any personal information without your consent, please contact us via email at hello@renndaar.com

15. CHANGE OR TRANSFER OF BUSINESS OWNERSHIP

a. In the event that we sell our company or get acquired or merged with another entity, we will ensure that the acquiring entity is legally bound to honour our commitments to you. We will notify you via email or through a notice on our Mobile Application of any change in ownership or in the use of your personal information or service data. We will also notify you about any choices you may have regarding your personal information and service data. This Policy may be updated to accommodate such transactions.

16. UPDATES

a. We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Revised" date and the updated version will be effective as soon as it is uploaded on our Mobile Application. If we make material changes to this Privacy Policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Policy frequently in order to be informed of how we are protecting your information.

17. GENERAL TERMS

a. Your access to and use of our Services is subject to Renndaar Technology Ltd Terms of Use and such other terms, which may be made available to you in connection with your use of our Services.

18. CONTACT US

a. You may contact us upon becoming aware of any breach of Personal Information or if your access to our Services has been compromised, to enable us to take the necessary steps toward ensuring the security of your Personal Information.

b. You may also contact us if you have any questions relating to this Privacy Policy or would like to find out more about exercising your data protection rights. All questions and inquiries may be sent to us via email at hello@renndaar.com.

This Privacy Policy was last updated on 10th March 2024.