OAREX TECHNOLOGY LTD
PRIVACY POLICY

Please read our Privacy Policy before you may become a business or personal user of the OAR Exchange platform. The onus is on you to access our terms and condition, as well as any amendments made thereto and to contact OAREXTechnology Ltd ("We, Us, Our") in the event of any queries you may have. By using any part of the OAR Exchange service, you acknowledge and agree to the processing of your personal data under the terms and conditions set out in this privacy policy

1.0 . INTRODUCTION

This Privacy Policy applies to all services provided by Oarex Technology Ltd herein referred to as (“OAR Exchange”, “we”, “our”, or “us”). Oarex Technology Ltd is a duly registered Limited Liability Company that operates a digital platform by the trade name “OAR Exchange” at “oarexchange.com”. The digital platform simply facilitates the exchange of cryptocurrencies to Naira, digital gift cards, payment of utility bills and other supported digital assets for fiat currency or other digital assets to Naira

1.1. This Privacy Policy describes your privacy rights regarding our collection, use, storage, sharing and protection of your personal information. It applies to the OAR Exchange platform (which comprises of the OAR Exchange website and/or mobile applications), its applications, services, tools and content regardless of how you access or use them.

2.0 LEGAL BASIS

2,1 The legal basis for processing this data shall be upon acceptance of this Privacy Policy when you sign up for, access, or use our products, services, content, features, technologies or functions offered on our OAR Exchangeplatform, all related sites, applications, and services (collectively known as “OAR Exchange” or the “Platform”). This Policy governs the use of OAR Exchange by registered and non-registered users, unless otherwise agreed through a written contract. We may amend this Privacy Policy at any time (and without recourse to you) by posting a revised version on our Platform and/or through email notification. The revised version will be effective seven (7) days after posting or any other date as may be communicated by us.

3.0. PERSONAL INFORMATION

3.1 When you use OAR Exchangeservices either as a registered or non-registered user, we collect information sent to us by your computer, mobile phone, Point of Sale (“POS”) terminal or other electronic access devices. The information shall be collected automatically and shall include but not limited to data about the pages on OAR Exchange Platfom which you access, your computer IP address, device ID or unique identifier, device type, geo-location information, computer and connection information, mobile network information, statistics on page views, traffic to and from the sites, referral Uniform Resource Locator (URL), ad data, and standard web log data.

3.2 We may also collect information you directly provide to us including but not limited to information on web forms, account update information and correspondence with OAR Exchangesupport services. We also collect information about your transactions and your activities. In addition, we collect your contact information such as; name, address, phone number, email, etc. We also collect your Bank Verification Number (BVN), National Identification Number (NIN), bank account name and numbers and these may be linked to your OAR Exchange profile, where applicable. Information obtained through survey responses, telephone conversations, user enquiries and other means may also be collected and used by us.

3.3 We may also use information provided by third parties like social media sites and verification agencies. Information about you which are provided by you or any person to other websites or platforms are not controlled by OAR Exchange, and we are therefore not liable for how they use it.

3.4 If the information you have supplied to us is wrong, you can put in a request to updateit quickly or to delete it – unless we have to keep that information for legitimate business or legal purposes, and when responding to a request to update your personal information, we may ask you to verify your identity before we can act on the request. We may reject requests that are unreasonably repetitive, require disproportionate technical effort (for example, developing a new system or fundamentally changing an existing practice), risk the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup systems). Where we can provide information access and correction, we will do so for free, except where it would require a disproportionate effort. We aim to maintain our services in a manner that protects information from accidental or malicious destruction. Because of this, after you delete information from our services, we may not immediately delete residual copies from our active servers and may not remove information from our backup systems.

3.5 You can also let us know if you feel that your personal information is being processed in any way other than how you have consented to it being used. We will take reasonable steps to ensure that your personal information is processed in the manner in which you have consented to it, or we may delete it based on your instruction. However, we may not accede to your request if it is unrealistic, impractical or inimical to our compliance with applicable regulation or laws.

4.0 USE OF PERSONAL DATA

Our purpose for collecting your personal information is to give you an efficient, enjoyable and secure customer experience. We may use your information to:

• o 4.1 Provide OAR Exchange Services and support;
• o 4.2 Process transactions, and send notices about your transactions.
• o 4.3 Verify your identity;
• o 4.4 Resolve disputes, collect fees, and troubleshoot problems;
• o 4.5 Manage risk, or detect, prevent, and/or remediate fraud or other potentially prohibited or illegal activities;
• o 4.6 Detect, prevent or remediate violations of policies or applicable user agreements;
• o 4.7 Improve OAR ExchangeServices by implementing aggregate user preferences;
• o 4.8 Measure performance of OAR ExchangeServices and improve content, technology and layout;
• o 4.9 Manage and protect our information technology infrastructure;
• o 4.10 Contact you at any time through your provided telephone number, email address or other contact details;
• o 4.11 Notify you of new products, services and/or offerings, newsletters and similar messages (“promotional messages”); or any enhancements/amendments to existing products services and/or offerings that we think may be of interest to you. If you do not want to receive such promotional materials from us, you may opt out at any time by sending an email to dpo@
• o 4.12 Carry out other activities permitted by law including; the fulfillment of our contract with you, compliance with legal and/or regulatory requirements, to protect your vital interest, and so on.
• o 4.13 If we intend to process your personal information for any purpose other than those listed in this policy, we shall provide you with relevant information on the further processing and seek your consent before the processing commences.

5.0 COOKIES

5.1 Cookies are small files placed on your computer's hard drive that enables OAR Exchange Platform or website to identify your computer as you view different pages. Cookies allow websites and applications to store your preferences in order to present content, options or functions that are specific to you. Like most interactive websites, and online platforms, OAR Exchange uses cookies to enable the tracking of your activity for the duration of a session. OAR Exchange uses only encrypted session cookies which are erased either after a predefined timeout period or once the user logs out of OAR Exchange and closes the browser. Session cookies do not collect information from the user's computer. They will typically store information in the form of a session identification that does not personally identify the user.

6..0 HOW WE PROTECT DATA SUBJECT PERSONAL INFORMATION

6.1 We store and process your personal information on our computers in Nigeria, Africa and elsewhere in the world where our facilities are located. Data protection laws vary among countries, with some providing more protection than others. Regardless of where your information is processed, we apply the same protections described in this policy. You have a right (upon your request) to be informed of the appropriate safeguards for data protection in the foreign country.

6.2 We protect your information using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls to our data centers, and information access authorization controls.

6.3 Furthermore, in the event of an actual or suspected breach of your personal information, we will use best effort to remedy the breach within one (1) month from the date we report the breach to you.

7.0 ACCESS TO PERSONAL DATA

7.1 If you are a registered user on OAR Exchange, you may access your personal information using your secure login credentials to access the relevant system features for such purpose. If you are a non-registered user, you may request for your personal information by sending an email to support @

7.2 This information should only be used for your own purposes and not to circumvent OAR Exchange Platform, or to be distributed to other parties who may use such information to the disadvantage of OAR Exchange Platforms

7.3 You will be able to access reports of your previous transactions up to seven years after the transaction date, subject to a continuous period of use. The applicability of the (7) seven-year period will re-commence if there has been a break in use for a period of more than three months. OAR Exchange Platformwill advise you on any applicable fees to request access to data in such events.

7.4 You have the right to request that we stop using your data or return your data to you, or transmit the data directly to another data controller. The withdrawal of your consent at any time shall not affect the lawfulness of the processing based on your consent before its withdrawal. In the event you intend to exercise your right in this regard, kindly notify us through support @ and your request shall be treated promptly.

8.0 HOW WE USE AND SHARE PERSONAL DATA

8.1 During your transaction, we collect personal informations like name,accountnumber,means of ID e.t.c to facilitate payment transactions and we also provide the corresponding party with information such as your name, account identification details, contact details, shipping and billing address, or other information needed to promote the integrity and security of the transaction. We may also provide details of unsuccessful transactions.

8.2 We work with third parties, including but not limited to merchants, to enable them to accept or send payments from or to you, using OAR Exchange Platform In doing so, a third party may share information about you with us, such as your email address or mobile phone number, to inform you that a payment has been sent to you or when you attempt to pay a merchant or third party. We use this information to confirm that you are aOAR Exchangecustomer and that OAR Exchange as aOnline trading platform can be enabled. We also validate your status as aOAR Exchange customer to third parties on your instruction.

8.3 We enter into contracts with third parties to perform certain business-related functions necessary to ensure the optimal provision of the service to you, including but not limited to payment processing, data storage, security, identity verification, fraud prevention, etc. We disclose relevant portions of your information to these third parties were reasonably necessary. With respect to the confidentiality of your personal information, these third parties are bound by extant laws and regulations on data protection, including the provisions of NDPA 2023 (including amendments or supplemental provisions).

8.4 Except in instances relating to clause 8.3 above, upon receiving your clear and unequivocal instruction, we may also share your personal information with third parties in a manner deemed reasonable and convenient for us, either physically or through any digital channel available at any point in time.

8.5 You accept that your pictures and testimonials on all social media platforms about OAR Exchange can be used for limited promotional purposes by OAR Exchange Platform or its agents. This does not include your trademark or copyright protected materials.

8.6 We may also release data about you if, in our opinion, the disclosure is reasonable and legally permissible for the purpose of ensuring the integrity of our business operations. Additionally, in the event of a merger or corporate restructuring, we may also divulge your personal information to applicable parties.

8.8 From time to time we may send you relevant information such as product updates, new functionalities, tips on how to use OAR Exchange and new service offerings.

8.9 We may also share your personal information in compliance with local or international regulatory requirements, with fraud prevention and risk management agencies, with our service providers or in compliance with a court order.

8.10 We recognize the privacy of minors, and we do not knowingly collect personal information belonging to minors.

9.0 DATA SECURITY

9.1 We will always hold your information securely. To prevent unauthorized access to your information, we have implemented controls anecurity safeguards at technical and operational levels. This site uses Secure Sockets Layer/Transport Layer Security (SSL/TLS) to ensure secure transmission of your personal data. You should see the padlock symbol in your URL address bar when accessing the site, www…. The URL address will also start with “https://” depicting a secure webpage. SSL applies encryption between two points such as your personal computer (PC) or any other electronic device used by you to access OAR Exchange, and the connecting server. Any data transmitted during the session will be encrypted before transmission and decrypted at the receiving end. This is to ensure that data cannot be read during transmission.

10.0 DATA SUBJECT RIGHT

10.1 You have the right to request for copies of all information we keep on you, provided that you give us reasonable notice of such a request in writing. While OAR Exchange Platformis responsible for safeguarding the information entrusted to us, your role in fulfilling confidentiality duties includes but is not limited to adopting and enforcing appropriate security measures such as non-sharing of passwords and other platform login or transaction authentication details. You are ultimately responsible for the security of your platform login and transaction authentication details.

10.2 You have the right to request that we stop using your data or return your data to you. In the event you intend to exercise your right in this regard, kindly notify us via support@ …………… and your request shall be treated promptly.

12.0 LIMITATION CLAUSE

12.1 OAR Exchange Platformwill not be liable for loss of income, profits, business, opportunity, goodwill, contracts or any indirect, special, incidental or consequential damages arising out of or in connection with the Service, any computation or failed transaction on OAR Exchange, arising out of any breach of this Policy.

12.2 We will not be liable for any loss or damage arising as a result of unauthorized access to the Service if (a) you intentionally or negligently fail to take reasonable precautions to protect your security, access codes, login details or any device used to access the Service, (b) you failed to promptly notify us that the Service was being accessed in an unauthorized way after becoming aware of it, or (c) you acted fraudulently.

12.3 Our liability to you or any third party in any circumstance of proven liability by us, shall not exceed the fees paid to us in respect of the specific transaction that gave rise to the claim or liability, unless otherwise specified by a court of competent jurisdiction.

12.4 Notwithstanding any provision in clauses 12.1, 12.2 and 12.3, limitation of liability shall not apply if we breach any provision of the Nigeria Data Protection Act 2023 (“NDPA”).

13.0. DATA SUBJECT RIGHT

As a data subject, the law vests you with the following rights:

• 1. Right to withdraw your consent to data processing;
• 2. Right to transfer data we hold about to you to a third party;
• 3. Right to request for the deletion of your data from our systems;
• 4. Right to have the data we hold about you sent to you in an electronic format;
• 5. Right to restrict and object to the processing of your data in certain circumstances;
• 6. Right to rectify data we hold about you where you believe such data to be incomplete or inaccurate; and
• 7. Right to lodge a complaint with a relevant authority, where you have reason to believe that we have violated the term(s) of this Privacy Policy.

14.0 FUTHER ENQUIRIES

13.1Your information is regarded as confidential and will not be divulged to any third party except under legal and/or regulatory conditions. Any other complaints, questions, comments and requests regarding this privacy policy are welcomed and should be addressed to our Data Protection Officer through support@.