Common use of Privacy Notice Clause in Contracts

Privacy Notice. PROTECTION OF PERSONAL INFORMATION ACT (“POPIA”)‌ We understand that your personal information is important to you and that you may be apprehensive about disclosing it. Your privacy is just as important to us, and we are committed to safeguarding and processing your information in a lawful manner. We also want to make sure that you understand how and for what purpose we process your information. If for any reason you think that your information is not processed in a correct manner, or that your information is being used for a purpose other than that for what it was originally intended, you can contact our Information Officer. You can request access to the information we hold about you at any time and if you think that we have outdated information, please request us to update or correct it. We collect personal information directly from the following data subjects: • Prospective clients who enquire about our financial services • Clients who have appointed the representative as their broker Personal information is collected from you through the completion of the completion of an online application form. This form is completed either electronically or in hard copy. You may also be requested to provide your personal information during your consultation with a representative. We may also collect information about you from other sources such as external third parties and from cookies our website. As an authorized financial services provider, we are obligated in terms of the following legislation to collect your personal information insofar as it relates to the rendering of the relevant financial services to you: • Financial Advisory and Intermediaries Services Act 37 of 2002; • Financial Intelligence Centre Act 38 of 2001; 70 We collect, hold, use and disclose your personal information mainly to provide you with access to the services and products that we provide. We will only process your information for a purpose you would reasonably expect, including: • Complying with the obligations contained in the contract concluded between yourself and the FSP • To confirm, verify and update your details • To comply with any legal and regulatory requirements Some of your information that we hold may include, your first and last name, email address, a home, postal or other physical address, other contact information, inter alia your title, birth date, gender, residency status and your banking details. Failing to provide compulsory information may lead to our organisation’s inability to carry out the functions necessary to perform as an authorised financial services provider. We may need to share your information to third parties provide advice, reports, analyses, products or services that you have requested. Where we share your information, we will take all precautions to ensure that the third party will treat your information with the same level of protection as required by us. • Your employer (where applicable); • The Compliance Officer of the organisation (where applicable) • Analytics and search engine providers assisting in the enhancement of our websites • Information Technology specialists assisting us with data storage, security, processing, analytics, etc • Auditors of the Organisation • Regulatory or governmental authorities such as the Financial Sector Conduct Authority and the Prudential Authority Your information may be hosted on servers managed by a third-party service provider, which may be located outside of South Africa. The third-party service providers are located in: • Israel • Cyprus • Bulgaria We confirm that the level of protection afforded to your personal information by that third country or international organisation is equal to the protection afforded by the POPI Act. As a data subject, you have the right to – • Request that we confirm, free of charge, whether or not, we hold personal information about you • Request that we provide you with a description of the personal information we hold about you, and to explain why and how it is being processed (please complete Annexure A) • Request that we consider your objections to the processing of your personal information (please complete Annexure B) • Lodge a complaint with the Information Regulator (please complete Annexure B). In the event that your personal information has not been processed in accordance with the POPI Act and the principles set out above, you have the right to lodge a complaint with the Information Regulator. For further information regarding the complaints process, please visit the website of the Information Regulator, as indicated below. Alternatively, you may contact the Information Regulator for further assistance: The Information Regulator: Adv Pansy Tlakula Physical Address: JD House, 00 Xxxxxxxx Xxxxxx, Xxxxxxxxxxxx, Xxxxxxxxxxxx, 2001 Email: xxxxxxxxxx.XX@xxxxxxx.xxx.xx Website: xxxxx://xxx.xxxxxxx.xxx.xx/inforeg/index.html 30. DISPUTE RESOLUTION‌ 30.1. Governing Law

Privacy Notice. PROTECTION OF PERSONAL INFORMATION ACT (“POPIA”)‌ This privacy notice explains how we use any personal information we collect about you. We understand collect information about you when you engage us for financial advice, financial planning and investment management services. This information will relate to your personal and financial circumstances. It may also include special categories of personal data such as data about your health, if this is necessary for the provision of our services. We collate this data by note taking and the completion of questionnaires. Audio recordings may also be made of telephone calls and meetings. Information relating to usage of our website is collected using cookies. These are text files placed on your computer to collect standard internet log information and visitor behaviour information. We will use your information collected from the website to personalise your repeat visits to the site. Full details of how cookies work is provided on our website xxx.xxxxxxxxxxx.xx.xx We may need to gather personal information about your close family members and dependants in order to provide our service to you effectively. In such cases it will be your responsibility to ensure that you have the consent of the people concerned to pass their information on to us. We will provide a copy of this privacy notice for them or, where appropriate, ask you to pass the privacy information to them. The primary legal basis that we intend to use for the processing of your data is for the performance of our contract with you. The information that we collect about you is essential for us to be able to carry out the services that you require from us effectively. Without collecting your personal data we would also be unable to fulfil our legal and regulatory obligations. Where special category data of a sensitive nature is required we will obtain your explicit consent to collect and process this information. An example of this is where information is required about your health. We collect information about you in order to provide you with the services for which you engage us. In order to deliver our services to you effectively we may send your details to third parties such as those that we engage for professional compliance, audit or legal services as well as product and platform providers that we use to arrange financial products for you. Where you are also a client of Xxxxx Xxxxxxxx Chartered Accountants, we will supply information needed by them to carry out the services you have engaged them for. We may also be required to forward your data to our regulator, the Financial Conduct Authority when requested. Where third parties are involved in processing your data we have a contract in place with them to ensure that the nature and purpose of the processing is clear, that they are subject to a duty of confidence in processing your data and that they will only act in accordance with our written instructions. Where it is necessary for your personal data to be forwarded to a third party we will use appropriate security measures to protect your personal data in transit. This will include the encryption of data transmitted electronically. To fulfil our obligations in respect of prevention of money-laundering and other financial crime we will send your details to a credit referencing agency for identity verification purposes. The privacy notice of the credit referencing agency we use for this purpose is available at xxx.xxxxxxxxxx.xx.xx/xxxxx-xxxxxxxxxxx/ bureau-privacy-notice This provides information of how they will use and share your personal data. During the course of our relationship with you we will retain personal data which is necessary to provide services to you. We will take all reasonable steps to keep your personal data up to date throughout our relationship. We are also subject to regulatory requirements to retain your data for specified minimum periods. These are, generally: - • Five years for investment business • Three years for insurance business • Indefinitely for pension transfers and opt-out business These are minimum periods, during which we have a legal obligation to retain your records. We reserve the right to retain data for longer where we believe it is in our legitimate interests to do so. You have the right to request deletion of your personal data. We will comply with this request, subject to the restrictions of our regulatory obligations and legitimate interests as noted above. You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please email or write to us using the contact details noted below. We have an obligation to ensure that your personal information is important accurate and up to you and date. Please ask us to correct or remove any information that you may be apprehensive about disclosing it. Your privacy think is just as important to us, and we are committed to safeguarding and processing your information in a lawful manner. We also want to make sure that you understand how and for what purpose we process your informationincorrect. If for you have any reason you think that your information is not processed in a correct manner, or that your information is being used for a purpose other than that for what it was originally intended, you can contact our Information Officer. You can request access to the information we hold about you at any time and if you think that we have outdated information, please request us to update or correct it. We collect personal information directly from the following data subjects: • Prospective clients who enquire questions about our financial services • Clients who have appointed the representative as their broker Personal information is collected from you through the completion of the completion of an online application form. This form is completed either electronically privacy policy or in hard copy. You may also be requested to provide your personal information during your consultation with a representative. We may also collect information about you from other sources such as external third parties and from cookies our website. As an authorized financial services provider, we are obligated in terms of the following legislation to collect your personal information insofar as it relates to the rendering of the relevant financial services to you: • Financial Advisory and Intermediaries Services Act 37 of 2002; • Financial Intelligence Centre Act 38 of 2001; 70 We collect, hold, use and disclose your personal information mainly to provide you with access to the services and products that we provide. We will only process your information for a purpose you would reasonably expect, including: • Complying with the obligations contained in the contract concluded between yourself and the FSP • To confirm, verify and update your details • To comply with any legal and regulatory requirements Some of your information that we hold may include, your first and last name, email address, a home, postal or other physical address, other contact information, inter alia your title, birth date, gender, residency status and your banking details. Failing to provide compulsory information may lead to our organisation’s inability to carry out the functions necessary to perform as an authorised financial services provider. We may need to share your information to third parties provide advice, reports, analyses, products or services that you have requested. Where we share your information, we will take all precautions to ensure that the third party will treat your information with the same level of protection as required by us. • Your employer (where applicable); • The Compliance Officer of the organisation (where applicable) • Analytics and search engine providers assisting in the enhancement of our websites • Information Technology specialists assisting us with data storage, security, processing, analytics, etc • Auditors of the Organisation • Regulatory or governmental authorities such as the Financial Sector Conduct Authority and the Prudential Authority Your information may be hosted on servers managed by a third-party service provider, which may be located outside of South Africa. The third-party service providers are located in: • Israel • Cyprus • Bulgaria We confirm that the level of protection afforded to your personal information by that third country or international organisation is equal to the protection afforded by the POPI Act. As a data subject, you have the right to – • Request that we confirm, free of charge, whether or not, we hold personal information about you • Request that we provide you with a description of the personal information we hold about you, please contact us by email at xxxxxxxxxxxxxx@xxxxxxxxxxx.xx.xx or write to use to us at Oakley House, Headway Business Park, 0 Xxxxx Xxx Xxxx, Xxxxx XX00 0XX. This is our standard client agreement upon which we intend to rely. This agreement should be read in conjunction with the Services and Costs document and the engagement letter that you will be issued with prior to explain why us commencing work on your behalf. We are authorised and how it regulated by the Financial Conduct Authority (FCA), 00 Xxxxxxxxx Xxxxxx, Xxxxxxxxx, Xxxxxx, X00 0XX. xxx.xxx.xxx.xx. Our firm reference number is being processed (please complete Annexure A) 143390. You can check our details on the Financial Services Register by visiting the FCA’s website xxx.xxx.xxx.xx/xxxxx/xxxxxxx-xxxxxxxxx/ register or by contacting the FCA on 0800 111 6768. As we predominantly recommend our own investment services and solutions our investment advice is Restricted Advice under the rules of our regulator the Financial Conduct Authority. On the occasions where our own investment solutions are not suitable for you we may recommend investment products and services provided by other product providers selected from across the marketplace. We are also able to determine the ongoing suitability of existing investments you may hold and advise you accordingly. We do not provide advice on the following types of investment: - • Request that Unregulated Collective Investment Schemes • Qualified Investor Schemes • Derivatives contracts For insurance and annuities we consider your objections to will make a recommendation after researching the processing whole of the market. In all cases we will carry out an analysis of your personal information (please complete Annexure B) • Lodge a complaint with the Information Regulator (please complete Annexure B). In the event that your personal information has not been processed in accordance with the POPI Act circumstances, needs and the principles set out above, you have the right to lodge a complaint with the Information Regulator. For further information regarding the complaints process, please visit the website of the Information Regulator, as indicated below. Alternatively, you may contact the Information Regulator for further assistance: The Information Regulator: Adv Pansy Tlakula Physical Address: JD House, 00 Xxxxxxxx Xxxxxx, Xxxxxxxxxxxx, Xxxxxxxxxxxx, 2001 Email: xxxxxxxxxx.XX@xxxxxxx.xxx.xx Website: xxxxx://xxx.xxxxxxx.xxx.xx/inforeg/index.html 30. DISPUTE RESOLUTION‌ 30.1. Governing Lawobjectives before making any recommendation.

Privacy Notice. PROTECTION OF PERSONAL INFORMATION ACT (“POPIA”)‌ This privacy notice explains how we use any personal information we collect about you. We understand collect information about you when you engage us for financial advice, financial planning and investment management services. This information will relate to your personal and financial circumstances. It may also include special categories of personal data such as data about your health, if this is necessary for the provision of our services. We collate this data by note taking and the completion of questionnaires. Audio recordings may also be made of telephone calls and meetings. Information relating to usage of our website is collected using cookies. These are text files placed on your computer to collect standard internet log information and visitor behaviour information. We will use your information collected from the website to personalise your repeat visits to the site. Full details of how cookies work is provided on our website xxx.xxxxxxxxxxx.xx.xx We may need to gather personal information about your close family members and dependants in order to provide our service to you effectively. In such cases it will be your responsibility to ensure that you have the consent of the people concerned to pass their information on to us. We will provide a copy of this privacy notice for them or, where appropriate, ask you to pass the privacy information to them. The primary legal basis that we intend to use for the processing of your data is for the performance of our contract with you. The information that we collect about you is essential for us to be able to carry out the services that you require from us effectively. Without collecting your personal data we would also be unable to fulfil our legal and regulatory obligations. Where special category data of a sensitive nature is required we will obtain your explicit consent to collect and process this information. An example of this is where information is required about your health. We collect information about you in order to provide you with the services for which you engage us. In order to deliver our services to you effectively we may send your details to third parties such as those that we engage for professional compliance, audit or legal services as well as product and platform providers that we use to arrange financial products for you. Where you are also a client of Xxxxx Xxxxxxxx Chartered Accountants, we will supply information needed by them to carry out the services you have engaged them for. We may also be required to forward your data to our regulator, the Financial Conduct Authority when requested. Where third parties are involved in processing your data we have a contract in place with them to ensure that the nature and purpose of the processing is clear, that they are subject to a duty of confidence in processing your data and that they will only act in accordance with our written instructions. Where it is necessary for your personal data to be forwarded to a third party we will use appropriate security measures to protect your personal data in transit. This will include the encryption of data transmitted electronically. To fulfil our obligations in respect of prevention of money-laundering and other financial crime we will send your details to a credit referencing agency for identity verification purposes. The privacy notice of the credit referencing agency we use for this purpose is available at xxx.xxxxxxxxxx.xx.xx/xxxxx-xxxxxxxxxxx/ bureau-privacy-notice This provides information of how they will use and share your personal data. During the course of our relationship with you we will retain personal data which is necessary to provide services to you. We will take all reasonable steps to keep your personal data up to date throughout our relationship. We are also subject to regulatory requirements to retain your data for specified minimum periods. These are, generally: - • Five years for investment business • Three years for insurance business • Indefinitely for pension transfers and opt-out business These are minimum periods, during which we have a legal obligation to retain your records. We reserve the right to retain data for longer where we believe it is in our legitimate interests to do so. You have the right to request deletion of your personal data. We will comply with this request, subject to the restrictions of our regulatory obligations and legitimate interests as noted above. You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please email or write to us using the contact details noted below. We have an obligation to ensure that your personal information is important accurate and up to you and date. Please ask us to correct or remove any information that you may be apprehensive about disclosing it. Your privacy think is just as important to us, and we are committed to safeguarding and processing your information in a lawful manner. We also want to make sure that you understand how and for what purpose we process your informationincorrect. If for you have any reason you think that your information is not processed in a correct manner, or that your information is being used for a purpose other than that for what it was originally intended, you can contact our Information Officer. You can request access to the information we hold about you at any time and if you think that we have outdated information, please request us to update or correct it. We collect personal information directly from the following data subjects: • Prospective clients who enquire questions about our financial services • Clients who have appointed the representative as their broker Personal information is collected from you through the completion of the completion of an online application form. This form is completed either electronically privacy policy or in hard copy. You may also be requested to provide your personal information during your consultation with a representative. We may also collect information about you from other sources such as external third parties and from cookies our website. As an authorized financial services provider, we are obligated in terms of the following legislation to collect your personal information insofar as it relates to the rendering of the relevant financial services to you: • Financial Advisory and Intermediaries Services Act 37 of 2002; • Financial Intelligence Centre Act 38 of 2001; 70 We collect, hold, use and disclose your personal information mainly to provide you with access to the services and products that we provide. We will only process your information for a purpose you would reasonably expect, including: • Complying with the obligations contained in the contract concluded between yourself and the FSP • To confirm, verify and update your details • To comply with any legal and regulatory requirements Some of your information that we hold may include, your first and last name, email address, a home, postal or other physical address, other contact information, inter alia your title, birth date, gender, residency status and your banking details. Failing to provide compulsory information may lead to our organisation’s inability to carry out the functions necessary to perform as an authorised financial services provider. We may need to share your information to third parties provide advice, reports, analyses, products or services that you have requested. Where we share your information, we will take all precautions to ensure that the third party will treat your information with the same level of protection as required by us. • Your employer (where applicable); • The Compliance Officer of the organisation (where applicable) • Analytics and search engine providers assisting in the enhancement of our websites • Information Technology specialists assisting us with data storage, security, processing, analytics, etc • Auditors of the Organisation • Regulatory or governmental authorities such as the Financial Sector Conduct Authority and the Prudential Authority Your information may be hosted on servers managed by a third-party service provider, which may be located outside of South Africa. The third-party service providers are located in: • Israel • Cyprus • Bulgaria We confirm that the level of protection afforded to your personal information by that third country or international organisation is equal to the protection afforded by the POPI Act. As a data subject, you have the right to – • Request that we confirm, free of charge, whether or not, we hold personal information about you • Request that we provide you with a description of the personal information we hold about you, please contact us by email at xxxxxxxxxxxxxx@xxxxxxxxxxx.xx.xx or write to use to us at Ironstone Place, Kettering, NN14 1FN. This is our standard client agreement upon which we intend to rely. This agreement should be read in conjunction with the Services and Costs document and the engagement letter that you will be issued with prior to explain why us commencing work on your behalf. We are authorised and how it regulated by the Financial Conduct Authority (FCA), 00 Xxxxxxxxx Xxxxxx, Xxxxxxxxx, Xxxxxx, X00 0XX. xxx.xxx.xxx.xx. Our firm reference number is being processed (please complete Annexure A) 143390. You can check our details on the Financial Services Register by visiting the FCA’s website xxx.xxx.xxx.xx/xxxxx/xxxxxxx-xxxxxxxxx/ register or by contacting the FCA on 0800 111 6768. As we predominantly recommend our own investment services and solutions our investment advice is Restricted Advice under the rules of our regulator the Financial Conduct Authority. On the occasions where our own investment solutions are not suitable for you we may recommend investment products and services provided by other product providers selected from across the marketplace. We are also able to determine the ongoing suitability of existing investments you may hold and advise you accordingly. We do not provide advice on the following types of investment: - • Request that Unregulated Collective Investment Schemes • Qualified Investor Schemes • Derivatives contracts For insurance and annuities we consider your objections to will make a recommendation after researching the processing whole of the market. In all cases we will carry out an analysis of your personal information (please complete Annexure B) • Lodge a complaint with the Information Regulator (please complete Annexure B). In the event that your personal information has not been processed in accordance with the POPI Act circumstances, needs and the principles set out above, you have the right to lodge a complaint with the Information Regulator. For further information regarding the complaints process, please visit the website of the Information Regulator, as indicated below. Alternatively, you may contact the Information Regulator for further assistance: The Information Regulator: Adv Pansy Tlakula Physical Address: JD House, 00 Xxxxxxxx Xxxxxx, Xxxxxxxxxxxx, Xxxxxxxxxxxx, 2001 Email: xxxxxxxxxx.XX@xxxxxxx.xxx.xx Website: xxxxx://xxx.xxxxxxx.xxx.xx/inforeg/index.html 30. DISPUTE RESOLUTION‌ 30.1. Governing Lawobjectives before making any recommendation.

Privacy Notice. PROTECTION OF PERSONAL INFORMATION ACT (“POPIA”)‌ We understand that your personal information is important to you and that you may be apprehensive about disclosing it. Your privacy is just as important to us, and we are committed to safeguarding and processing your information in a lawful manner. We also want to make sure that you understand how and for what purpose we process your information. If for any reason you think that your information is not processed in a correct manner, or that your information is being used for a purpose other than that for what it was originally intended, you can contact our Information Officer. You can request access to the information we hold about you at any time and if you think that we have outdated information, please request us to update or correct it. We collect personal information directly from the following data subjects: • Prospective clients who enquire about our financial services • Clients who have appointed the representative as their broker Personal information is collected from you through the completion of the completion of an online application form. This form is completed either electronically or in hard copy. You may also be requested to provide your personal information during your consultation with a representative. We may also collect information about you from other sources such as external third parties and from cookies our website. As an authorized financial services provider, we are obligated in terms of the following legislation to collect your personal information insofar as it relates to the rendering of the relevant financial services to you: • Financial Advisory and Intermediaries Services Act 37 of 2002; • Financial Intelligence Centre Act 38 of 2001; 70 We collect, hold, use and disclose your personal information mainly to provide you with access to the services and products that we provide. We will only process your information for a purpose you would reasonably expect, including: • Complying with the obligations contained in the contract concluded between yourself and the FSP • To confirm, verify and update your details • To comply with any legal and regulatory requirements Some of your information that we hold may include, your first and last name, email address, a home, postal or other physical address, other contact information, inter alia your title, birth date, gender, residency status and your banking details. Failing to provide compulsory information may lead to our organisation’s inability to carry out the functions necessary to perform as an authorised financial services provider. We may need to share your information to third parties provide advice, reports, analyses, products or services that you have requested. Where we share your information, we will take all precautions to ensure that the third party will treat your information with the same level of protection as required by us. • Your employer (where applicable); • The Compliance Officer of the organisation (where applicable) • Analytics and search engine providers assisting in the enhancement of our websites • Information Technology specialists assisting us with data storage, security, processing, analytics, etc • Auditors of the Organisation • Regulatory or governmental authorities such as the Financial Sector Conduct Authority and the Prudential Authority Your information may be hosted on servers managed by a third-party service provider, which may be located outside of South Africa. The third-party service providers are located in: • Israel • Cyprus • Bulgaria We confirm that the level of protection afforded to your personal information by that third country or international organisation is equal to the protection afforded by the POPI Act. As a data subject, you have the right to – • Request that we confirm, free of charge, whether or not, we hold personal information about you • Request that we provide you with a description of the personal information we hold about you, and to explain why and how it is being processed (please complete Annexure A) • Request that we consider your objections to the processing of your personal information (please complete Annexure B) • Lodge a complaint with the Information Regulator (please complete Annexure B). In the event that your personal information has not been processed in accordance with the POPI Act and the principles set out above, you have the right to lodge a complaint with the Information Regulator. For further information regarding the complaints process, please visit the website of the Information Regulator, as indicated below. Alternatively, you may contact the Information Regulator for further assistance: The Information Regulator: Adv Pansy Tlakula Physical Address: JD House, 00 Xxxxxxxx Xxxxxx, Xxxxxxxxxxxx, Xxxxxxxxxxxx, 2001 0000 Email: xxxxxxxxxx.XX@xxxxxxx.xxx.xx Website: xxxxx://xxx.xxxxxxx.xxx.xx/inforeg/index.html 30. DISPUTE RESOLUTION‌ 30.1. Governing Law

Privacy Notice. PROTECTION OF PERSONAL INFORMATION ACT (“POPIA”)‌ The CFTC has approved regulations that impose various requirements on financial institutions' treatment of customer information. The regulations require that financial institutions develop privacy policies and disclose these policies to its customers. Interbank FX, LLC considers your privacy one of our utmost concerns. This Privacy Notice outlines our current policies and practices regarding how information about individual customers is collected and used. We understand that will send existing customers an updated Privacy Notice on an annual basis; also should any portion of our current policies and practices change you will be sent a revised Privacy Notice in advance, thus providing you with sufficient notice to respond prior to the effective date of the change. In order to provide you with individualized service, Interbank FX, LLC collects information about you from your personal information is important to you account application and other forms that you may be apprehensive about disclosing it. Your privacy is just as important deliver to us, and we are committed us or to safeguarding and processing your information in a lawful mannerthe firms that clear securities trades on the various domestic securities exchanges. We also want use this information to make sure that you understand how and open an Account for what purpose we you, process your information. If for any reason requests and transactions and to provide you think that your with additional information is not processed in a correct manner, or that your information is being used for a purpose other than that for what it was originally intended, you can contact our Information Officer. You can request access to the information we hold about you at any time and if you think that we have outdated information, please request us to update or correct it. We collect personal information directly from the following data subjects: • Prospective clients who enquire about our financial services • Clients who have appointed the representative as their broker Personal information is collected from you through the completion of the completion of an online application formproducts and services. This form is completed either electronically or in hard copy. You may also be requested In order to service your Account, effect your transactions and mail correspondence to you, we provide your personal information during your consultation with a representativeto other independent firms that specialize in providing these services. We may require these other independent firms to protect the confidentiality of your information and to use the information only for the purpose for which the disclosure is made. In the regular course of our business, we also collect information about your transactions with us and we may receive non-public information about you from other sources such as external third parties and from cookies our websitea consumer reporting agency. As an authorized financial services provider, we are obligated in terms of the following legislation to collect your We do not disclose any nonpublic personal information insofar as it relates about our customers to the rendering other independent firms, organizations or individuals except in furtherance of the relevant financial services our business relationship with you, or if compelled to you: • Financial Advisory and Intermediaries Services Act 37 do so by due process of 2002; • Financial Intelligence Centre Act 38 of 2001; 70 We collectlaw. If you decide at some point to close your Interbank FX, holdLLC Account, use and disclose your personal information mainly to provide you with access to the services and products that we provide. We will only process your information for a purpose you would reasonably expect, including: • Complying with the obligations contained in the contract concluded between yourself and the FSP • To confirm, verify and update your details • To comply with any legal and regulatory requirements Some of your information that we hold may include, your first and last name, email address, a home, postal or other physical address, other contact information, inter alia your title, birth date, gender, residency status and your banking details. Failing to provide compulsory information may lead to our organisation’s inability to carry out the functions necessary to perform as become an authorised financial services provider. We may need to share your information to third parties provide advice, reports, analyses, products or services that you have requested. Where we share your informationinactive customer, we will take all precautions continue to ensure that the third party will treat your information with the same level of protection as required by us. • Your employer (where applicable); • The Compliance Officer of the organisation (where applicable) • Analytics and search engine providers assisting in the enhancement of our websites • Information Technology specialists assisting us with data storage, security, processing, analytics, etc • Auditors of the Organisation • Regulatory or governmental authorities such as the Financial Sector Conduct Authority and the Prudential Authority Your information may be hosted on servers managed by a third-party service provider, which may be located outside of South Africa. The third-party service providers are located in: • Israel • Cyprus • Bulgaria We confirm that the level of protection afforded to your personal information by that third country or international organisation is equal adhere to the protection afforded by the POPI Actprivacy policies and practices described in this Notice. As a data subject, you have the right We restrict access to – • Request that we confirm, free of charge, whether or not, we hold nonpublic personal information about you • Request to those employees who need to know that we information to provide products or services to you. We maintain physical, electronic and procedural safeguards that comply with federal standards to guard your personal information. Should you with a description of have any questions or concerns about this Privacy Notice or the personal information we hold about you, and to explain why and how it is being processed (please complete Annexure A) • Request that we consider your objections to the processing privacy of your personal information (please complete Annexure B) • Lodge a complaint with the Information Regulator (please complete Annexure B). In the event that your personal information has not been processed in accordance with the POPI Act and the principles set out above, you have the right to lodge a complaint with the Information Regulator. For further information regarding the complaints processinformation, please visit the website of the Information Regulator, as indicated below. Alternatively, you may feel free to contact the Information Regulator for further assistance: The Information Regulator: Adv Pansy Tlakula Physical Address: JD HouseCompliance Department at (000) 000-0000, 00 Xxxxxxxx XxxxxxMonday through Friday, Xxxxxxxxxxxx, Xxxxxxxxxxxx, 2001 Email: xxxxxxxxxx.XX@xxxxxxx.xxx.xx Website: xxxxx://xxx.xxxxxxx.xxx.xx/inforeg/index.html 30. DISPUTE RESOLUTION‌ 30.1. Governing Lawbetween the hours of 8:00 a.m. and 5 p.m. Mountain Standard Time.

Privacy Notice. PROTECTION OF PERSONAL INFORMATION ACT (“POPIA”)‌ We understand that your To conduct regular business, we may collect nonpublic personal information is important from sources such as: Information reported by you on applications or other forms you provide to us. However, the Firm does not share or disclose any nonpublic personal information about its current or former customers, except as permitted by law. All information will remain confidential. As the Firm shares nonpublic information solely to service our client accounts, we do not disclose any nonpublic personal information about our customers or former customers to anyone, except as provided in this Agreement or as permitted by law. TSA will internally safeguard your nonpublic personal information by restricting access to only those employees who provide products or services to you and that you may be apprehensive about disclosing it. Your privacy is just as important to us, and we are committed to safeguarding and processing your information in a lawful manner. We also want to make sure that you understand how and for what purpose we process your information. If for any reason you think that your information is not processed in a correct manner, or that your information is being used for a purpose other than that for what it was originally intended, you can contact our Information Officer. You can request those who need access to the information we hold about you at any time and if you think that we have outdated information, please request us to update or correct it. We collect personal information directly from the following data subjects: • Prospective clients who enquire about our financial services • Clients who have appointed the representative as their broker Personal information is collected from you through the completion of the completion of an online application form. This form is completed either electronically or in hard copy. You may also be requested to provide your personal information during your consultation with a representative. We may also collect information about you from other sources such as external third parties and from cookies our website. As an authorized financial services provider, we are obligated in terms of the following legislation to collect your personal information insofar as it relates to the rendering of the relevant financial services to you: • Financial Advisory and Intermediaries Services Act 37 of 2002; • Financial Intelligence Centre Act 38 of 2001; 70 We collect, hold, use and disclose your personal information mainly to provide you with access to the services and products that we provide. We will only process your information for a purpose you would reasonably expect, including: • Complying with the obligations contained in the contract concluded between yourself and the FSP • To confirm, verify and update your details • To comply with any legal and regulatory requirements Some of your information that we hold may include, your first and last name, email address, a home, postal or other physical address, other contact information, inter alia your title, birth date, gender, residency status and your banking details. Failing to provide compulsory information may lead to our organisation’s inability to carry out the functions necessary to perform as an authorised financial services provider. We may need to share your information to third parties provide advice, reports, analyses, products or services that you have requestedservice your account. Where we share your informationIn addition, we will take all precautions maintain physical, electronic and procedural safeguards that meet federal and/or state standards to ensure that the third party will treat guard your information with the same level of protection as required by usnonpublic personal information. • Your employer (where applicable); • The Compliance Officer of the organisation (where applicable) • Analytics and search engine providers assisting in the enhancement of our websites • Information Technology specialists assisting us with data storage, security, processing, analytics, etc • Auditors of the Organisation • Regulatory or governmental authorities such as the Financial Sector Conduct Authority and the Prudential Authority Your information may be hosted on servers managed by a third-party service provider, which may be located outside of South Africa. The third-party service providers are located in: • Israel • Cyprus • Bulgaria We confirm that the level of protection afforded to your personal information by that third country or international organisation is equal Notwithstanding anything to the protection afforded by the POPI Act. As a data subjectcontrary herein, you Client shall have the right to – • Request terminate this Agreement without penalty within five business days after executing this agreement. Any previously paid Advisory Fee shall be refunded in full and funds in Client's Marstone Program shall be transferred pursuant to Client's direction. As a registered investment adviser, SEC rules under the Investment Advisers Act require that we confirmapplicable written disclosure brochures be delivered to each client and prospective client and that the firm maintain certain records as to the delivery of the firm's Part 2 of Form ADV. Our Firm Brochure describes our firm's advisory services, free fees and compensation, other financial industry activities, and Code of chargeEthics, whether among other things, and addresses resultant or not, we hold personal potential conflicts of interest. The Brochure Supplements provide information about you • Request that we provide the advisory personnel who will be providing you with a description investment advice on behalf of the personal information we hold about youour firm. Also, and to explain why and how it is being processed (please complete Annexure A) • Request that we consider your objections to the processing of your personal information (please complete Annexure B) • Lodge as a complaint with the Information Regulator (please complete Annexure B). In the event that your personal information has not been processed in accordance with the POPI Act and the principles set out aboveclient, you have the right provided personal and financial information as part of our professional relationship which is personal, non-public and private. Our firm has a formal Privacy Policy to lodge a complaint with the Information Regulatorrespect and protect your privacy and to safeguard and restrict access to your personal information. For further information regarding the complaints process, please visit the website of the Information Regulator, as indicated below. Alternatively, you may contact the Information Regulator for further assistance: The Information Regulator: Adv Pansy Tlakula Physical Address: JD House, 00 Xxxxxxxx Xxxxxx, Xxxxxxxxxxxx, Xxxxxxxxxxxx, 2001 Email: xxxxxxxxxx.XX@xxxxxxx.xxx.xx Website: xxxxx://xxx.xxxxxxx.xxx.xx/inforeg/index.html 30. DISPUTE RESOLUTION‌ 30.1. Governing LawFederal and state regulations require our firm to initially deliver and annually send our Privacy Policy Notice to you.

Privacy Notice. PROTECTION OF PERSONAL INFORMATION ACT (“POPIA”)‌ We understand that Who looks after your personal information Do you have to give us your personal information Your personal information will be held by Bank of Scotland plc which is important part We may be required by law, or as a consequence of any contractual of the Lloyds Banking Group. More information on the Group can be found at relationship we have, to collect certain personal information. Failure to xxx.xxxxxxxxxxxxxxxxxx.xxx provide this information may prevent or delay us fulfilling these obligations or How we use your personal information performing services. We will use your personal information: What rights you have over your personal information • to provide products and services, manage your relationship with us and The law gives you a number of rights in relation to your personal information comply with any laws or regulations we are subject to (for example the including: laws that prevent financial crime or the regulatory requirements governing • the right to access the personal information we have about you. This the products we offer). includes information from application forms, statements, correspondence • for other purposes including improving our services, exercising our rights and call recordings. in relation to agreements and contracts and identifying products and • the right to get us to correct personal information that is wrong or services that may be of interest. incomplete. To support us with the above we analyse information we know about you and that • in certain circumstances, the right to ask us to stop using or delete your how you may be apprehensive about disclosing it. Your privacy is just as important to ususe our products and services, and we are committed to safeguarding and processing your information in a lawful manner. We also want to make sure that you understand how and for what purpose we process your including some automated decision personal information. If for any reason you think that your information is not processed in a correct manner, or that your information is being used for a purpose other than that for what it was originally intended, you can contact our Information Officermaking. You can request access find out more about how we do this, and in what circumstances • from 25 May 2018 you will have the right to the receive any personal information we hold about you at any time and if you think that can ask us to stop, in our full privacy notice. we have outdated information, please request us to update or correct it. We collect personal information directly from the following data subjects: • Prospective clients who enquire about our financial services • Clients who have appointed the representative as their broker Personal information is collected from you through the completion of the completion of in an online application form. This form is completed either electronically or in hard copy. You may also be requested to provide easily re-usable format when it’s processed Who we share your personal information during with on certain grounds, such as consent or for contractual reasons. You can also Your personal information will be shared within Lloyds Banking Group and other ask us to pass this information on to another organisation. companies that provide services to you or us, so that we and any other companies You can find out more about these rights and how you can exercise them in our in our Group can look after your consultation relationship with a representativeus. By sharing this information it full privacy notice. enables us to better understand our customers’ needs, run accounts and policies, Other individuals you have financial links with and provide products and services efficiently. This processing may include activities which take place outside of the European Economic Area. If this is the We may also collect personal information about other individuals who you case we will ensure appropriate safeguards are in place to protect your personal have a financial link with. This may include people who you have joint accounts information. You can find out more about how we share your personal information or policies with such as your partner/spouse, dependents, beneficiaries or with credit reference agencies below and can access more information about how people you have commercial links to, for example other directors or officers of else we share your information in our full privacy notice. your company. Where we collect your personal information from We will collect this information to assess any applications, provide the services We will collect personal information about you from other a number of sources such as external third parties including: requested and to carry out credit reference and fraud prevention checks. You can find out more about how we process personal information about individuals • information given to us on application forms, when you talk to us in with whom you have a financial link in our full privacy notice. branch, over the phone or through the device you use and when new How we use credit reference agencies services are requested. • from cookies analysis of how you operate our website. As an authorized financial services providerproducts and services, including the In order to process your application we are obligated in terms of the following legislation to collect may supply your personal information insofar frequency, nature, location, origin and recipients of any payments. to credit reference agencies (CRAs) including how you use our products and services and they will give us information about you, such as it relates about your • from or through other organisations (for example card associations, credit financial history. We do this to assess creditworthiness and product suitability, reference agencies, insurance companies, retailers, comparison websites, check your identity, manage your account, trace and recover debts and prevent social media and fraud prevention agencies). criminal activity. • in certain circumstances we may also use information about health or We may also continue to exchange information about you with CRAs on an criminal convictions but we will only do this where allowed by law or if you ongoing basis, including about your settled accounts and any debts not fully give us your consent. repaid on time, information on funds going into the rendering of account, the relevant financial services to you: • Financial Advisory and Intermediaries Services Act 37 of 2002; • Financial Intelligence Centre Act 38 of 2001; 70 We collect, hold, use and disclose your balance on the You can find out more about where we collect personal information mainly about you account and, if you borrow, details of your repayments or whether you repay in from in our full privacy notice. full and on time. CRAs will share your information with other organisations, for example other organisations you ask to provide you with access to the services products and products that we provide. We will only process your information for a purpose you would reasonably expect, including: • Complying with the obligations contained in the contract concluded between yourself and the FSP • To confirm, verify and update your details • To comply with any legal and regulatory requirements Some of your information that we hold may include, your first and last name, email address, a home, postal or other physical address, other contact information, inter alia your title, birth date, gender, residency status and your banking details. Failing to provide compulsory information may lead to our organisation’s inability to carry out the functions necessary to perform as an authorised financial services provider. We may need to share your information to third parties provide advice, reports, analyses, products or services that you have requested. Where we share your information, we will take all precautions to ensure that the third party will treat your information with the same level of protection as required by us. • Your employer (where applicable); • The Compliance Officer of the organisation (where applicable) • Analytics and search engine providers assisting in the enhancement of our websites • Information Technology specialists assisting us with data storage, security, processing, analytics, etc • Auditors of the Organisation • Regulatory or governmental authorities such as the Financial Sector Conduct Authority and the Prudential Authority Your information may be hosted on servers managed by a third-party service provider, which may be located outside of South Africa. The third-party service providers are located in: • Israel • Cyprus • Bulgaria We confirm that the level of protection afforded to your personal information by that third country or international organisation is equal to the protection afforded by the POPI Act. As a data subject, you have the right to – • Request that we confirm, free of charge, whether or not, we hold personal information about you • Request that we provide you with a description of the personal information we hold about you, and to explain why and how it is being processed (please complete Annexure A) • Request that we consider your objections to the processing of your personal information (please complete Annexure B) • Lodge a complaint with the Information Regulator (please complete Annexure B). In the event that your personal information has not been processed in accordance with the POPI Act and the principles set out above, you have the right to lodge a complaint with the Information Regulator. For further information regarding the complaints process, please visit the website of the Information Regulator, as indicated below. Alternatively, you may contact the Information Regulator for further assistance: The Information Regulator: Adv Pansy Tlakula Physical Address: JD House, 00 Xxxxxxxx Xxxxxx, Xxxxxxxxxxxx, Xxxxxxxxxxxx, 2001 Email: xxxxxxxxxx.XX@xxxxxxx.xxx.xx Website: xxxxx://xxx.xxxxxxx.xxx.xx/inforeg/index.html 30. DISPUTE RESOLUTION‌ 30.1. Governing Lawservices.

Privacy Notice. PROTECTION OF PERSONAL INFORMATION ACT This notice explains how Avire Trading Limited (“POPIA”)‌ referred to in this notice as Avire, we or us) collects and uses your personal information in connection with the use of our Services including our Products, Website(s), Hosted Services (including Cloud), Apps, and other services. This privacy notice is to inform you about: • How to contact us. • What personal information is; • How we collect your personal information; • The types of personal information we collect; • How we use your personal information; • The legal basis for processing your personal information; • What will happen if you do not provide the information we request; • How we share your personal information; • How we keep your personal information secure; • When do we transfer your information overseas; • How long we keep your personal information; • Your rights in relation to your personal information; and • How to make complaints in relation to your personal information. The table at the end of this notice provides an overview of the data that we collect, the purposes for which we use that data, the legal basis which permits us to use your information and the rights that you have in relation to your information. We will treat all of your personal information as confidential and in accordance with the Data Protection Legislation and your personal information will only be shared with others in accordance with this privacy notice. We keep this privacy notice up to date, so if there are any changes to the way in which your personal information is used this privacy notice will be updated and we will notify you of the changes. Our contact details are as follows: Address: Avire Trading Ltd, Xxxx 0, Xxx Xxxxxxxxxx, Xxxxxxx Xxxx, Maidenhead SL6 7RJ, United Kingdom Telephone: +00 (0)0000 000000 Avire has appointed a data protection officer who has responsibility for advising Avire on its data protection obligations. You can contact the data protection officer using the contact details above. Personal information is any information that tells us something about an individual. This could include information such as name, contact details, phone number or date of birth. We collect personal information about you from various sources including: • when setting up a SmartView Hub account; • when performing local device set up on XxxxxXxxxxx.xxx • when adding or removing users to a SmartView Hub account; and • from you when using a SmartView Hub account. • Personal and/or business contact details such as employer, name, title, address and email addresses; • Account information (including details of work carried out by you in relation to any installation); • Geo-location information which tells us you carried out work at a particular location and other information obtained through our Cloud Services • IP Adress and Subnet Mask of installed unit on client’s network We use your information for the following purposes: • to conduct checks to authorize an SmartView Hub account; • to administer the Terms of Use for the Cloud Services, • to notify you about other products and services that we offer; • for business management and planning purposes, including accounting and auditing; • to conduct data analysis to provide information useful to our customers, including but not limited to, lift telemetry, usage, and fault diagnosis information • to conduct data analytics studies to review and better understand our customers • to comply with our legal obligations and professional codes; and • to comply with information requests that we receive from regulators and law enforcement authorities or to comply with court orders. Under Data Protection Legislation we are only permitted to use your personal information if we have a legal basis for doing so as set out in the Data Protection Legislation. We rely on the following legal bases to use your information in relation to our Cloud Services: • where we need information to perform the contract we have entered into with you; and • where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. In more limited circumstances we may also rely on the following legal bases: • Where we need to protect your interests (or someone else’s interests); and • Where it is needed in the public interest or for official purposes. The table at the end of this notice provides more detail about the information that we use, the legal basis that we rely on in each case and your rights. We need some of your personal information in order to perform our contract with you to provide the Cloud Services. For example, we need to know your name so that a profile can be created for an SmartView Hub account. Where information is needed for these purposes if you do not provide it we will not be able to offer our Cloud Services to you. We explain when this is the case at the point where we collect information from you. We share your personal information in the following ways: • Where we use third party services providers who process personal information on our behalf in order to provide services to us. This includes IT systems providers and IT contractors, cloud service providers, and wireless network operators • Where we share your personal information with third parties we ensure that we have appropriate measures in place to safeguard your personal information and to ensure that it is solely used for We will ensure access to personal information is restricted to employees of Avire on a need to know basis. Training will be provided to any of those employees of Avire who need access to your personal information to ensure it is secure at all times. When data is transferred to countries outside of the UK and the European Economic Area those countries may not offer an equivalent level of protection for personal information to the laws in the UK. Where this is the case we will ensure that appropriate safeguards are put in place to protect your personal information. As a general rule we keep your personal information for as long as you retain a user profile on a SmartView Hub Account and for a period of 6 months after your profile is removed. However, where we have statutory obligations to keep personal information for a longer period or where we may need your information for a longer period in case of a legal claim, then the retention period may be longer. Full details of the retention periods that apply to your information are set out in our Data Retention Policy which is available on request. You have a number of rights in relation to your personal information, these include the right to: • be informed about how we use your personal information; • obtain access to your personal information that we hold; • request that your personal information is important to corrected if you and believe it is incorrect, incomplete or inaccurate; • request that you may be apprehensive about disclosing it. Your privacy is just as important to us, and we are committed to safeguarding and processing erase your personal information in a lawful manner. We also want the following circumstances: o if Avire is continuing to make sure that you understand how and process personal data beyond the period when it is necessary to do so for what the purpose we process your information. If for any reason you think that your information is not processed in a correct manner, or that your information is being used for a purpose other than that for what which it was originally intended, collected; o if Avire is relying on consent as the legal basis for processing and you can contact our Information Officer. You can request access withdraw consent; o if Avire is relying on legitimate interest as the legal basis for processing and you object to the information we hold about you at any time this processing and if you think that we have outdated information, please request there is no overriding compelling ground which enables us to update continue with the processing; o if the personal data has been processed unlawfully (i.e. in breach of the requirements of the Data Protection Legislation); or correct it. We collect o if it is necessary to delete the personal data to comply with a legal obligation; • ask us to restrict our data processing activities where you consider that: o personal information directly from the following data subjects: • Prospective clients who enquire about is inaccurate; o our financial services • Clients who have appointed the representative as their broker Personal information is collected from you through the completion of the completion of an online application form. This form is completed either electronically or in hard copy. You may also be requested to provide your personal information during your consultation with a representative. We may also collect information about you from other sources such as external third parties and from cookies our website. As an authorized financial services provider, we are obligated in terms of the following legislation to collect your personal information insofar as it relates to the rendering of the relevant financial services to you: • Financial Advisory and Intermediaries Services Act 37 of 2002; • Financial Intelligence Centre Act 38 of 2001; 70 We collect, hold, use and disclose your personal information mainly to provide you with access to the services and products that we provide. We will only process your information for a purpose you would reasonably expect, including: • Complying with the obligations contained in the contract concluded between yourself and the FSP • To confirm, verify and update your details • To comply with any legal and regulatory requirements Some of your information that we hold may include, your first and last name, email address, a home, postal or other physical address, other contact information, inter alia your title, birth date, gender, residency status and your banking details. Failing to provide compulsory information may lead to our organisation’s inability to carry out the functions necessary to perform as an authorised financial services provider. We may need to share your information to third parties provide advice, reports, analyses, products or services that you have requested. Where we share your information, we will take all precautions to ensure that the third party will treat your information with the same level of protection as required by us. • Your employer (where applicable); • The Compliance Officer of the organisation (where applicable) • Analytics and search engine providers assisting in the enhancement of our websites • Information Technology specialists assisting us with data storage, security, processing, analytics, etc • Auditors of the Organisation • Regulatory or governmental authorities such as the Financial Sector Conduct Authority and the Prudential Authority Your information may be hosted on servers managed by a third-party service provider, which may be located outside of South Africa. The third-party service providers are located in: • Israel • Cyprus • Bulgaria We confirm that the level of protection afforded to your personal information by that third country or international organisation is equal to the protection afforded by the POPI Act. As a data subject, you have the right to – • Request that we confirm, free of charge, whether or not, we hold personal information about you • Request that we provide you with a description of the personal information we hold about you, and to explain why and how it is being processed (please complete Annexure A) • Request that we consider your objections to the processing of your personal information (please complete Annexure B) is unlawful; o where we no longer need the personal information but you require us to keep it to enable you to establish, exercise or defend a legal claim; or o where you have raised an objection to our use of your personal information; • Lodge request a complaint copy of certain personal information that you have provided to us in a commonly used electronic format. This right relates to personal information that you have provided to us that we need in order to perform our agreement with the Information Regulator (please complete Annexure B). In the event that you and personal information where we are relying on consent to process your personal information; • object to our processing of your personal information has where we are relying on legitimate interests or exercise of a public interest task to make the processing lawful. If you raise an objection we will carry out an assessment to determine whether we have an overriding legitimate ground which entitles us to continue to process your personal information; and • not been processed in accordance with the POPI Act and the principles set be subject to automated decisions which produce legal effects or which could have a similarly significant effect on you. If you would like to exercise any of your rights or find out above, you have the right to lodge a complaint with the Information Regulator. For further information regarding the complaints processmore, please visit contact our Data Protection Officer. The table at the website end of this notice provides more detail about the Information Regulatorinformation that we use, as indicated below. Alternatively, you may contact the Information Regulator for further assistance: The Information Regulator: Adv Pansy Tlakula Physical Address: JD House, 00 Xxxxxxxx Xxxxxx, Xxxxxxxxxxxx, Xxxxxxxxxxxx, 2001 Email: xxxxxxxxxx.XX@xxxxxxx.xxx.xx Website: xxxxx://xxx.xxxxxxx.xxx.xx/inforeg/index.html 30. DISPUTE RESOLUTION‌ 30.1. Governing Lawlegal basis that we rely on in each case and your rights.

Privacy Notice. PROTECTION OF PERSONAL INFORMATION ACT (“POPIA”)‌ We understand that A. At HSBC, HSBC take the privacy of your personal information is important to you seriously and that you may be apprehensive about disclosing it. Your privacy is just as important to us, and we are committed to safeguarding and processing your information in a lawful manner. We also want to make sure that you understand how and for what purpose we process your information. If for any reason you think ensuring that your information is secure. HSBC ask that you read our Privacy Notice carefully as it explains what information HSBC collect about you, how HSBC will use that information, who HSBC will share it with, the circumstances when HSBC will share it and what steps HSBC will take to make sure it stays private and secure. B. When you use this App, HSBC will collect information about the device the App is installed on (e.g. device identification numbers), and about your accounts with us and associated transactions. C. HSBC will collect this information directly from you, e.g.: when you enter information into the App. HSBC use the above information to deliver the services offered in the App, and HSBC need to process it to perform the obligation in the agreement HSBC entered with you. D. HSBC may also use that information, together with information about your location (country or region, not processed your precise location) and information about your usage of the App (e.g.: how long you spend on particular web pages), for the following purposes. The lawful basis for this usage is that HSBC have a legitimate business interest to improve our products and services to best meet our customers’ needs, and to provide products and services HSBC think are relevant to them. (a) Tailoring the content and the services that you’re offered through the App (b) Understanding how our customers use their accounts (c) Monitoring trends in a correct mannerproduct offerings (d) Developing propositions and products and targeting them appropriately (e) Identifying products and offers which may be of interest to you (f) Improving the App services for you E. The App may store all the above information securely on your device, or that and access it when required. F. HSBC may use other HSBC Group companies, and/or third parties, to provide the App on our behalf. G. For more detail on how HSBC will use your information is being used for a purpose other than that for what it was originally intended, you can contact our Information Officer. You can request access to the information we hold about you at any time and if you think that we have outdated personal information, please request us to update or correct it. We collect personal information directly from the following data subjects: • Prospective clients who enquire about our financial services • Clients who have appointed the representative as their broker Personal information is collected from you through the completion of the completion of an online application form. This form is completed either electronically or in hard copy. You may also be requested to provide your personal information during your consultation with a representative. We may also collect information about you from other sources such as external third parties and from cookies our website. As an authorized financial services provider, we are obligated in terms of the following legislation to collect your personal information insofar as it relates to the rendering of the relevant financial services to you: • Financial Advisory and Intermediaries Services Act 37 of 2002; • Financial Intelligence Centre Act 38 of 2001; 70 We collect, hold, use and disclose your personal information mainly to provide you with access to the services and products that we provide. We will only process your information for a purpose you would reasonably expect, including: • Complying with the obligations contained in the contract concluded between yourself and the FSP • To confirm, verify and update your details • To comply with any legal and regulatory requirements Some of your information that we hold may include, your first and last name, email address, a home, postal or other physical address, other contact information, inter alia your title, birth date, gender, residency status and your banking details. Failing to provide compulsory information may lead refer to our organisation’s inability to carry out the functions necessary to perform as an authorised financial services provider. We may need to share your information to third parties provide advice, reports, analyses, products or services that you have requested. Where we share your information, we will take all precautions to ensure that the third party will treat your information with the same level of protection as required by us. • Your employer (where applicable); • The Compliance Officer of the organisation (where applicable) • Analytics Privacy and search engine providers assisting in the enhancement of our websites • Information Technology specialists assisting us with data storage, security, processing, analytics, etc • Auditors of the Organisation • Regulatory or governmental authorities such as the Financial Sector Conduct Authority and the Prudential Authority Your information may be hosted on servers managed by a third-party service provider, which may be located outside of South Africa. The third-party service providers are located in: • Israel • Cyprus • Bulgaria We confirm that the level of protection afforded to your personal information by that third country or international organisation is equal to the protection afforded by the POPI Act. As a data subject, you have the right to – • Request that we confirm, free of charge, whether or not, we hold personal information about you • Request that we provide you with a description of the personal information we hold about you, and to explain why and how it is being processed (please complete Annexure A) • Request that we consider your objections to the processing of your personal information (please complete Annexure B) • Lodge a complaint with the Information Regulator (please complete Annexure B). In the event that your personal information has not been processed in accordance with the POPI Act and the principles set out above, you have the right to lodge a complaint with the Information Regulator. For further information regarding the complaints process, please visit the website of the Information Regulator, as indicated below. Alternatively, you may contact the Information Regulator for further assistance: The Information Regulator: Adv Pansy Tlakula Physical Address: JD House, 00 Xxxxxxxx Xxxxxx, Xxxxxxxxxxxx, Xxxxxxxxxxxx, 2001 Email: xxxxxxxxxx.XX@xxxxxxx.xxx.xx Website: xxxxx://xxx.xxxxxxx.xxx.xx/inforeg/index.html 30. DISPUTE RESOLUTION‌ 30.1. Governing Lawsecurity at [ xxxxx://xxx.xxxx.xxx.xx/en-tw/privacy-and- security/ ].

Privacy Notice. PROTECTION OF PERSONAL INFORMATION ACT The mobile application you are using (the “POPIA”)‌ We understand that your personal information is important Demo App”) has been provided to you and that you may be apprehensive about disclosing it. Your privacy is just as important to us, and we are committed to safeguarding and processing your information in a lawful manner. We also want to make sure that you understand how and certain staff of TransUnion’s clients (or potential clients) for what purpose we process your information. If for any reason you think that your information is not processed in a correct manner, or that your information is being used for a purpose other than that for what it was originally intended, you can contact our Information Officer. You can request access to the information we hold about you at any time and if you think that we have outdated information, please request us to update or correct it. We collect personal information directly from the following data subjects: • Prospective clients who enquire about our financial services • Clients who have appointed the representative as their broker Personal information is collected from you through the completion of the completion of an online application formdemonstration purposes only. This form is completed either electronically or in hard copy. You may also be requested to provide your personal information during your consultation with a representative. We may also collect information about you from other sources such as external third parties and from cookies our website. As an authorized financial services provider, we are obligated in terms of the following legislation to collect your personal information insofar as it relates to the rendering of the relevant financial services to you: • Financial Advisory and Intermediaries Services Act 37 of 2002; • Financial Intelligence Centre Act 38 of 2001; 70 We collect, hold, use and disclose your personal information mainly to provide you with access to the services and products that we provide. We will only process your information for a purpose you would reasonably expect, including: • Complying with the obligations contained in the contract concluded between yourself and the FSP • To confirm, verify and update your details • To comply with any legal and regulatory requirements Some of your information that we hold may include, your first and last name, email address, a home, postal or other physical address, other contact information, inter alia your title, birth date, gender, residency status and your banking details. Failing to provide compulsory information may lead to our organisation’s inability to carry out the functions necessary to perform as an authorised financial services provider. We may need to share your information to third parties provide advice, reports, analyses, products or services that you have requested. Where we share your information, we will take all precautions to ensure that the third party will treat your information with the same level of protection as required by us. • Your employer (where applicable); • The Compliance Officer of the organisation (where applicable) • Analytics and search engine providers assisting in the enhancement of our websites • Information Technology specialists assisting us with data storage, security, processing, analytics, etc • Auditors of the Organisation • Regulatory or governmental authorities such as the Financial Sector Conduct Authority and the Prudential Authority Your information may be hosted on servers managed by a third-party service provider, which may be located outside of South Africa. The third-party service providers are located in: • Israel • Cyprus • Bulgaria We confirm that the level of protection afforded to your personal information by that third country or international organisation is equal to the protection afforded by the POPI Act. As a data subject, you have the right to – • Request that we confirm, free of charge, whether or not, we hold personal information about you • Request that we provide you with a description of the personal information we hold about you, and to explain why and how it is being processed (please complete Annexure A) • Request that we consider your objections Privacy Notice applies to the processing of your data solely for the purposes of such demonstration. We are TransUnion International UK Limited (company number 03961870) (referred to as “TransUnion” for the purposes of this Demo App), with headquarters at Xxx Xxxx Xxxx, Xxxxx, Xxxx Xxxxxxxxx XX0 0XX. We are processing your personal information data to demonstrate how TransUnion’s Document Verification and Biometric Matching app (the ‘live’ version of this Demo App) could potentially operate to assist TransUnion’s clients with identity verification and/or anti-money laundering and/or the detection/prevention of fraud or financial crime. We will be processing the data you input into the Demo App (a photographic image of your identity document, including the data it contains, a real-time photograph of your face, and any secondary documents you photograph, e.g. a utility bill or bank statement) as part of the demonstration, as well as your device metadata (which includes your geolocation data - if you have given permission for this to be collected). We will also be processing the data that we return to you, which will be presented back to you as a summary report via the Demo App. We are processing your data on the basis of your consent. This must be your explicit consent so please complete Annexure B) • Lodge a complaint read this notice carefully (along with the Information Regulator End User Terms & Conditions) to ensure you fully understand how your data will be used, stored, transferred and deleted. The data processed through the Demo App will be passed to TransUnion’s sub-contractor Paycasso Verify Limited (please complete Annexure B). In the event that company number 08057477) (“Paycasso”) which will be processing your personal information has data on TransUnion’s behalf. Paycasso will not been be allowed to use the data for its own purposes. Your data will only be stored for the duration of the demonstration. Your input data will be processed in accordance with and a report will be returned to you. Once the POPI Act demonstration is complete and the principles set out aboveDemo App is closed, all of your data (including the report) stored on the mobile telephone you are using (as well as on Paycasso’s servers) will be securely deleted and destroyed. Under the GDPR, you have various rights in relation to the data we are processing (for example, the right to lodge obtain a complaint with copy of your data, the right to rectify your data, the right to have your data erased and the right to withdraw your consent). However, due to the limited period of time Paycasso will be holding your data before it is deleted, it will not be possible for us to implement such a request. You can contact our Data Protection Officer at xxx@xxxxxxxxxx.xx.xx. You also have a right to complain to the Information Regulator. For further information regarding the complaints process, please visit the website of the Information Regulator, as indicated below. Alternatively, you may contact the Information Regulator for further assistance: The Information Regulator: Adv Pansy Tlakula Physical Address: JD Commissioner’s Office at Wycliffe House, 00 Xxxxxxxx XxxxxxWater Lane, XxxxxxxxxxxxWilmslow, Xxxxxxxxxxxx, 2001 Email: xxxxxxxxxx.XX@xxxxxxx.xxx.xx Website: xxxxx://xxx.xxxxxxx.xxx.xx/inforeg/index.html 30. DISPUTE RESOLUTION‌ 30.1. Governing LawCheshire SK9 5AF or by telephone on 0000 000 0000.

Privacy Notice. PROTECTION OF PERSONAL INFORMATION ACT (“POPIA”)‌ We understand that your The nature of personal information is important to we collect may include: • Information we receive from you such as your name, address, contact information, email address, and that you may be apprehensive general financial, credit and reference information, etc.; • Facts about disclosing it. Your privacy is just as important to your historical and current consumption of power; • Information about your transactions with us, such as meter number, account number, account balances, payment history, and we are committed to safeguarding account activity; • Identifying information, such as a date of birth, driver’s license and processing your information in a lawful mannerother photo identification that is supplied. We also want to make sure that you understand how and for what purpose we process your information. If for any reason you think that your information is not processed in a correct manner, or that your information is being used for a purpose other than that for what it was originally intended, you can contact our Information Officer. You can request access to InnPower Corporation uses the information we hold about you at any time and if you think that we have outdated information, please request us to update or correct it. We collect personal information directly from for the following data subjectspurposes: • Prospective clients who enquire about our financial services to confirm your identify, respond to your inquiries and maintain business relations with you; • Clients who have appointed the representative to deliver and maintain electricity service; • to bill and collect payment; • as their broker Personal information is collected from a billing and collecting agent for InnServices for water and wastewater services; • to establish your credit worthiness; • to register you through the completion for pre-authorized payment; • for legal, regulatory and market operations requirements; • to help prevent or investigate fraud, theft of power or other breaches of the completion of an online application form. This form is completed either electronically or in hard copy. You may also be requested to provide your personal information during your consultation with a representative. We may also collect information about you from other sources such as external third parties and from cookies our website. As an authorized financial services provider, we are obligated in terms of the following legislation to collect your personal information insofar as it relates to the rendering of the relevant financial services to you: • Financial Advisory and Intermediaries Services Act 37 of 2002law; • Financial Intelligence Centre Act 38 of 2001; 70 We collect, hold, use and disclose your personal information mainly to provide you with access information about our services, the electricity industry, energy conservation and rates; • to the services and products that we providerequest your participation in surveys or contests; or • to notify you about events, outages or causes sponsored by InnPower Corporation or our affiliates. We will only process In some cases, your information for a purpose you would reasonably expect, including: • Complying will be shared with the obligations contained in the contract concluded between yourself and the FSP • To confirm, verify and update your details • To comply with any legal and regulatory requirements Some of your information that we hold may include, your first and last name, email address, a home, postal or other physical address, other contact information, inter alia your title, birth date, gender, residency status and your banking details. Failing to provide compulsory information may lead to our organisation’s inability to carry out the functions necessary to perform as an authorised financial services provider. We may need to share your information to third parties provide advice, reports, analyses, products or services that you have requested. Where we share your information, we will take all precautions to ensure that the third party will treat your information with the same level of protection as required by us. • Your employer (where applicable); • The Compliance Officer of the organisation (where applicable) • Analytics and search engine providers assisting in the enhancement of our websites • Information Technology specialists assisting us with data storage, security, processing, analytics, etc • Auditors of the Organisation • Regulatory or governmental authorities such as the Financial Sector Conduct Authority and the Prudential Authority Your information may be hosted on servers managed by a third-party service provider, which may be located outside of South Africa. The third-party service providers who perform services on our behalf. These service providers are located in: • Israel • Cyprus • Bulgaria We confirm given only the information necessary to perform those services that the level of protection afforded we have contracted them to your provide. Your personal information by that third country or international organisation will be used for the purposes identified above and in our Privacy Policy which can be found on our website at xxxxxxxx.xx. The information your provide is equal to the protection afforded protected by the POPI ActMunicipal Freedom of Information and Protection of Privacy Act rules to govern the collection, use and disclosure of personal information in a manner that recognizes the right of privacy of individuals with respect to their personal information and the need of organizations to collect, use or disclose personal information for purposes that a reasonable person would consider appropriate in the circumstances. As a data subjectAt any time, you have the right to – • Request that request access to your personal information which we confirm, free of charge, whether or not, we hold have collected and to request amendments to personal information about you • Request that we provide to ensure its accuracy and completeness. If you with a description have questions about how InnPower Corporation collects and uses your personal information, contact our Privacy Officer: email xxxxxxx@xxxxxxxx.xx or in writing to 0000 Xxxxx Xxxxxx, Xxxxxxxx XX X0X 0X0. I have read and understood the attached statement of InnPower regarding the collection, use and disclosure of my personal information, and I hereby consent to have InnPower collect and use my personal information we hold about you, and to explain why and how it for the purposes stated. This information is being processed (please complete Annexure A) • Request that we consider your objections to the processing of your personal information (please complete Annexure B) • Lodge a complaint with the Information Regulator (please complete Annexure B). In the event that your personal information has not been processed collected in accordance with the POPI Act Electricity Act, 1998 and the principles set out above, you have the right to lodge a complaint with the Information Regulator. For further information regarding the complaints process, please visit the website of the Information Regulator, as indicated below. Alternatively, you may contact the Information Regulator for further assistance: The Information Regulator: Adv Pansy Tlakula Physical Address: JD House, 00 Xxxxxxxx Xxxxxx, Xxxxxxxxxxxx, Xxxxxxxxxxxx, 2001 Email: xxxxxxxxxx.XX@xxxxxxx.xxx.xx Website: xxxxx://xxx.xxxxxxx.xxx.xx/inforeg/index.html 30. DISPUTE RESOLUTION‌ 30.1. Governing Lawrelated Ontario Energy Board Codes.

Privacy Notice. PROTECTION OF PERSONAL INFORMATION ACT (“POPIA”)‌ We understand that your personal information is important to you Xxxxxx Corporation and that you may be apprehensive about disclosing it. Your privacy is just as important to us, and we its affiliated companies are committed to safeguarding your privacy and processing protecting your information in a lawful manner. We also want to make sure that you understand how and for what purpose we process your personal information. If for any reason you think that your information is not processed in a correct manner, or that your information is being used for a purpose other than that for what it was originally intended, you can contact our Information Officer. You can request access to the information we hold about you at any time and if you think Please be assured that we do not sell this information to anyone for marketing or any other purpose and we have outdated strict policies and procedures in place to protect the confidentiality of all non -public personal financial information, please request us to update or correct it. The following outlines our privacy practices: We collect nonpublic personal information directly from the following data subjects: • Prospective clients who enquire about our financial services • Clients who have appointed the representative as their broker Personal information is collected from you through the completion of the completion of an online application form. This form is completed either electronically or in hard copy. You may also be requested to provide your personal information during your consultation with a representative. We may also collect information about you from the following sources: • Information we receive from you on applications or other sources such forms; • Information about your transactions with us, our affiliates, or others; • Information we receive from a consumer reporting agency; and/or • Information we receive from inspection reports. We do not disclose any nonpublic personal information about our customers or former customers to anyone, except as external third parties and from cookies our websitepermitted by law. As an authorized financial services providerWhen necessary, we are obligated in terms of the following legislation to collect your personal information insofar as it relates to the rendering of the relevant financial services to you: • Financial Advisory and Intermediaries Services Act 37 of 2002; • Financial Intelligence Centre Act 38 of 2001; 70 We collect, hold, use and may disclose your personal information mainly to provide you with access to the services and products that we provide. We will only process your information for a purpose you would reasonably expect, including: • Complying with the obligations contained in the contract concluded between yourself and the FSP • To confirm, verify and update your details • To comply with any legal and regulatory requirements Some of your information that we hold may include, your first and last name, email address, a home, postal or other physical address, other contact information, inter alia your title, birth date, gender, residency status and your banking details. Failing to provide compulsory information may lead to our organisation’s inability to carry out the functions necessary to perform as an authorised financial services provider. We may need to share your information to third parties provide advice, reports, analyses, products or services that you have requested. Where we share your information, we will take all precautions to ensure that the third party will treat your information with the same level of protection as required by us. • Your employer (where applicable); • The Compliance Officer of the organisation (where applicable) • Analytics and search engine providers assisting in the enhancement of our websites • Information Technology specialists assisting us with data storage, security, processing, analytics, etc • Auditors of the Organisation • Regulatory or governmental authorities such as the Financial Sector Conduct Authority and the Prudential Authority Your information may be hosted on servers managed by a thirdn on-party service provider, which may be located outside of South Africa. The third-party service providers are located in: • Israel • Cyprus • Bulgaria We confirm that the level of protection afforded to your personal information by that third country or international organisation is equal to the protection afforded by the POPI Act. As a data subject, you have the right to – • Request that we confirm, free of charge, whether or not, we hold public personal information about you • Request to non -affiliated third parties for the purposes of underwriting, administering your policy or claim, and other purposes permitted by law such as disclosures to regulatory authorities or in response to legal process es. For example, we may share your information with financial service providers such as insurance agents and/or brokers who work with us. We restrict access to nonpublic personal information about you to only those employees who need to know that we information in order to provide products or services to you. We maintain physical, electronic, and procedural safeguards that comply with federal standards to guard your nonpublic personal information. We appreciate your business. Thank you with a description for placing your trust in Xxxxxx. INTERLINE POLICY NUMBER: 3DS5451-M909549 FORM NUMBER FORM NAME MPIL 1004 02 10 ALASKA NOTICE IL 09 10 12 03 PENNSYLVANIA NOTICE MPIL 1009 04 10 TEXAS NOTICE MJIL 1000 08 10 POLICY JACKET - ESSEX MDIL 1000 08 11 COMMON POLICY DECLARATIONS MDGL 1008 08 11 COMM GL COV PART DEC MKL TERR 4 (01-08) TERRORISM DISCLOSURE NOTICE CG 00 01 12 07 COMM GL COV FORM MEIL 1200 01 10 SERVICE OF SUIT MPIL 1007 04 10 PRIVACY NOTICE MDIL 1001 08 11 FORMS SCHEDULE ME-007(01-09) ABSORPTION/INHALATION EXCL ME-023(01-09) ANIMAL EXCL ME-030(04-99) CLASSIFICATION LIMITATION ME048 (09/09) DEDUCTIBLE ENDORSEMENT ME-204(01-09) SEXUAL ABUSE EXCLUSION ME-265(01-05) FIREARMS EXCLUSION MEGL 0001 06 12 COMBINATION GENERAL ENDORSEMENT MEGL 0213 06 12 SPECIAL EVENTS & SPECTATOR LIAB EXCL MEIL 1211 06 10 MIN EARNED PREM AMEND XXXX XXXX 1225 10 11 CHANGES - CIVIL UNION CG 21 36 03 05 EXCL NEW ENT CG 21 47 12 07 EMPLOYMENT RELATED PRACTICES EXCL CG 21 49 09 99 TOTAL POLLUTION FORM CG 21 67 12 04 FUNGI OR BACTERIA EXCL CG 21 73 01 08 EXCLUSION OF ACTS OF TERRORISM CG 24 26 07 04 AMNDMNT OF INSURED CONTRACT DEFINITION IL 00 17 11 98 COMMON POLICY CONDITIONS IL 00 21 09 08 NUCLEAR ENERGY LIAB EXCL ENDOR IL 01 46 08 10 WASHINGTON COMMON POLICY CONDITIONS IL 02 43 09 07 MONTANA CHANGES IL 02 46 09 07 PA CHANGES-CANCEL AND NONRENEW IL 02 47 02 11 ME CHANGES-CANCEL AND NONRENW IL 02 49 09 08 SC CHANGES-CANCEL AND NONRENEW IL 02 60 02 10 CT CHANGES-CANCEL AND NONRENW IL 02 61 09 07 KS CHANGES-CANCEL AND NONRENEW IL 02 63 09 08 KY CHANGES-CANCEL AND NONRENW IL 02 72 09 07 IN CHANGES-CANCEL AND NONRENW IL 02 76 09 08 IA CHANGES-CANCEL AND NONRENEW IL 12 01 11 85 POLICY CHANGES IL 12 01 11 85 POLICY CHANGES * Entry optional if shown in the Common Policy Declarations. If no entry is shown, the effective date of the personal information we hold about you, and to explain why and how it endorsement is being processed (please complete Annexure A) • Request that we consider your objections to the processing of your personal information (please complete Annexure B) • Lodge a complaint with same as the Information Regulator (please complete Annexure B). In the event that your personal information has not been processed in accordance with the POPI Act and the principles set out above, you have the right to lodge a complaint with the Information Regulator. For further information regarding the complaints process, please visit the website effective date of the Information Regulatorpolicy. *ATTACHED TO AND FORMING PART OF POLICY NO. *EFFECTIVE DATE OF ENDORSEMENT *ISSUED TO 3DS5451-M909549 2/1/2013 Promotion, as indicated below. AlternativelyEvent and Prize Purchasing Group dba Event Xxxxxx.xxx This insurance does not apply to “bodily injury”, you may contact the Information Regulator “property damage”, “personal and adv ertising injury”, disease or illness including death resulting from such disease or illness, alleged disease or illness, property damage, or any other damages, for further assistance: The Information Regulator: Adv Pansy Tlakula Physical Address: JD Housepast, 00 Xxxxxxxx Xxxxxxpresent, Xxxxxxxxxxxxor future claims arising in whole or in part, Xxxxxxxxxxxx, 2001 Email: xxxxxxxxxx.XX@xxxxxxx.xxx.xx Website: xxxxx://xxx.xxxxxxx.xxx.xx/inforeg/index.html 30. DISPUTE RESOLUTION‌ 30.1. Governing Lawdirectly or indirectly out of: