SYNTHESIS PRIVACY POLICY AND COOKIES POLICY

1. Controller

The Controller of the personal data is Blockchain Programming International Limited (register number ICC20220115) having its registered office in Dubai Office 1204, Tiffany Tower, Al Thanyah Fifth, Plot No.888 P.O. Box 487301 (United Arab Emirates).. The contact with the Controller is available at e-mail address: office@synth3sis.com.

2. Governing Law

The Controller processes personal data in accordance with the requirements of applicable law, including in particular acts on privacy acts in the United Arab Emirates relating to the security of personal data. The User is liable for providing false personal data. By accepting the Privacy Policy, the User agrees to terms and conditions of collecting, processing and securing personal data regarding the use of the Platform.

Also, the Controller processes personal data pursuant to European Parliament and Council regulation (EU) 2016/679 dated 27th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (the General Data Protection Regulation - hereinafter referred to as “the GDPR”).

3. Respect for Privacy

The Service Provider makes every effort to ensure that personal data are processed with the greatest respect for the privacy of the data provider and with the utmost care for the security of the processed personal data, and in particular ensures to take all legal measures to safeguard the personal data collections.

4. Applied Measures

The Service Provider represents to apply technical and organizational measures to ensure protection of processed personal data appropriate for the risks and a category of protected data, and in particular to protect data against unauthorized sharing, processing as a violation of law and against their loss, damage or destruction .

5. Processing Scope and Purpose

The Service Provider processes personal data of the User with the purpose of:

• establishing, changing, executing or terminating the agreed relationship between the Service Provider and the User;
• fulfilling legal duties of the Controller;
• marketing and advertising the Services, as well as sending commercial information;
• using ICT end devices and automatic trigger systems for marketing purposes

6. Data Profiling

Processing personal data includes profiling the Users according to their behavior, interests, payment credibility and purchase preferences. Based on profiling, a specific content is conveyed to the Users, which potentially may interest them.

7. Data Sharing

To execute the Agreement, the Controller may disclose collected personal data with the entities including: employees, associates, delivery service, online payment system operators, entities providing operating, legal, accounting and IT services for the Service Provider, as well as entities personally or financially associated with the Service Provider. In such cases the volume of disclosed information is limited to necessary minimum.

8. Website Traffic Analyses

The Service Provider represents that it is allowed to use tools designed to analyze traffic within the Platform such as Google Analytics and other similar. In particular, the Service Provider has the right to collect information on the User's activity and behavior, such as visiting the Platform and using the Services. The Service Provider uses the data to research the market and traffic on the Platform, as well as to create statistics, in particular, to assess the interest in the posted content, as well as to improve the Platform and fulfill obligations in the scope of counteracting money laundering and terrorist financing. The collected data shall be processed in an anonymous manner and used only for statistical purposes or to ensure proper use of the Platform.

9. Termination of the Service

Upon termination of the Agreement by the User, the Service Provider shall not process personal data of the User except for:

• representations made by the User under the Terms and Conditions;
• advertising, market research and behavior purposes to improve the quality of the provided services;
• explanation of circumstances contrary hereto or the right to use the Website or the Services provided within the Platform;
• authorized for processing under the agreement or separate provisions of law.

10. User Rights

The Service Provider ensures that the applied terms and conditions of processing personal data comply with Users’ rights under the applicable law, in particular rights to access, correct, update, remove, limit processing, transfer own data, to object, to withdraw the consent, to complain to the supervisory authority. Notices regarding the Privacy Policy and personal data are examined according to the complaint procedure specified in the Term and Conditions.

11. Scope of Data

The Service Provider processes or may process personal data of the User, appropriately to the data provided by the User, in particular including identification and contact data.

12. Platform Browsing

Browsing the Platform does not require the User to provide personal data, unless the access to particular content or services is conditional upon the data provision.

13. Data Processing Rules

The Service Provider shall comply with the following rules for the processing of personal data:

• recording collected personal data only on such storage media that are protected against third party access; performing personal data security surveillance throughout the whole term during which they are possessed to ensure in particular protection against unauthorized access, damage, destruction or loss;
• sharing personal data with competent authorities under applicable law;
• preserving the confidentiality of personal data.

The personal data processed by the Service Provider are not shared in a form that allows user identification of any kind, unless the User has given a consent or if the obligation to disclose such information is based on applicable law.

Cookies are sent to web browsers, and then saved on the device's memory and read by the server each time you connect to a website. Cookies do not contain any information enabling third parties to get to know your personal data or contact you, e.g. by email or phone. Saving cookies does not allow us or unauthorized persons to access your private device.

1. Types of Cookies

The Service Provider may use the following types of cookies on the Platform and Application:

• temporary, which are removed after leaving the Platform or after turning a web browser off;
• permanent that are stored on the User's end device for unspecified period of time, or until the User manually deletes them;
• statistical, which track traffic on the Platform;
• functional, allowing personalization of the site in relation to the User;
• advertising, which allow to provide the User with the content adjusted to his/her personal preferences;
• obligatory and safety, which regard safety keeping rules within the Platform and authentication rules.

2. Purposes of Using

The Service Provider uses cookies for the following purposes:

• to optimize and increase efficiency and quality of the Services;
• to configure features available within the Platform and Application correctly;
• advertisements to visitors of the Platform and Application;
• after logging in, to maintain the User’s sessions on the Platform and Application so the User does not have to re-enter the login and password on each subpage;
• to keep safety and reliability of the Platform and Application;
• collecting and using general and publicly available statical data through analytical tools.

3. Analysis

To ensure the highest quality, cookies are analyzed to determine which subpages are visited the most, which browsers are used by visitors and whether the Platform structure is free of errors.

4. Cooperation with Entities

Cookies stored on the User's end device may be used by other entities that affect the quality of the provided Services. The User may change own cookie settings any time by specifying the conditions of storing and granting access to cookies on the User’s device. The User is allowed to change the settings referred hereinabove by using the settings of the web browser or by configuring the Service. These settings may be changed in a way to block automatic cookies activity in a web browser or to inform the User of placing a cookie on the User’s device.

5. User Rights

The User is allowed to remove cookies at any time by using the settings available in the used web browser. Restricting or blocking cookies via the used web browser shall not make it impossible for the Users to participate in the Platform, however, this may cause difficulties or irregularities in the Platform operation for which the Service Provider is not liable. It is recommended to use software that enables cookies operation.

WHAT IS THE PURPOSE OF PROCESSING PERSONAL DATA?

Personal data are processed with the purposes of:

• execution of the Agreement or taking action at the request of the data provider before the conclusion of the Agreement;
• handling notifications and complaints;
• conclusion and execution of the Agreement, including the provision of particular services;
• sending system messages or notifications to the User;
• developing statistics related to the Users activity on the Platform;
• storing or archiving documentation for the purposes of examining, processing or settling claims;

HOW DO WE OBTAIN PERSONAL DATA?

We collect personal data directly from Users. We may collect personal data indirectly only by using the Platform or purchasing Tokens.

WHAT DATA DO WE PROCCESS AND FOR HOW LONG?

If:

• you are browsing the Website: IP address (for static purposes), cookies. We store the data until the cookies expire.
• you make a claim or hand a complaint: data contained in the document. We store data for the period required by law for the purpose of investigation, processing or defense against legal claims. The complaint is considered within 14 days.
• you order paid Services: data necessary to provide the Service. If it is access to content, we do not process more data than related to the payment process. The payment service is provided by the payment operator. The card details are not processed by the Service Provider. The data is processed for the duration of the provision of the Service, and after this period for the time necessary to investigate, process or defend against legal claims - including accounting, legal and IT services.
• you receive system messages or notifications: username, e-mail address. However, the data shall be processed for archiving purposes for a period of up to 36 months or longer (if it is necessary for the purposes of investigation, processing or defense against legal claims).
• we keep records or archive for the purposes of examining, processing or settling claims: data necessary for a given process. We delete data after the process is completed.

If we write that we store data for the period required by law for the purpose of research, processing or defense against legal claims, we mean the period indicated by law as the required period.

WHAT NOTIFICATIONS AND SYSTEM MESSAGES DO WE SEND?

The Platform may send notifications (so-called web push notifications) if you give your consent to it from the browser level. In this case, you shall receive notifications visible from your device.

The website may send notifications visible after logging in. The user may set the frequency of sending information. Messages may be sent daily, weekly, or they may be turned off. By default, the sending of notifications is disabled and the user is asked to select a frequency setting.

The Service Provider may send system messages to the User's e-mail address. These messages are sent when necessary and relate to information connected with the Platform.

DO WE DISCLOSE PERSONAL DATA?

Recipients of data may only be authorized employees of the Service Provider or associates providing services related to customer service or IT support, or accounting, or legal services.

OUR RIGHTS RELATED TO PERSONAL DATA

Each data provider has the right to access, rectify, update, transfer, delete or limit processing, the right to object, the right to withdraw consent at any time (however, withdrawal of consent does not affect the lawfulness of the processing which has been carried out on the basis of consent prior to its withdrawal), the right to place a complaint with the competent authority according to the registered office of the Controller in matters related to personal data. In order to exercise the rights, an appropriate request shall be sent by e-mail to the following address: office@synth3sis.com.

We shall consider your request immediately, but no later than within 1 month of receiving the request from the User. However, if the performance of the request within the indicated period is not possible, e.g. due to the complex nature of the request or the number of requests, we reserve the right to extend the deadline for considering the request, but not longer than 2 months. We shall inform you by e-mail about the possible need to extend the time to consider your request.