Privacy Statement and Practices

Privacy Statement and Practices

Version 2.0

Terms used herein but not otherwise defined shall have the meanings ascribed to them in Section 19 of this Privacy Statement. This Privacy Statement is also known as our Privacy Policy and references to our Privacy Policies in other Digital Edge documentation shall be a reference to this Privacy Statement.

At Digital Edge, we value your privacy. Regardless of whether you are our customer, a visitor to one of our Websites or Facilities, or someone we deal with in the ordinary course of our business, protecting your privacy is important to us and is a responsibility that we take seriously. We understand the importance of ensuring that we collect, use, store, share and dispose of Personal Data in a fair, ethical, transparent, secure, and lawful way.

This Privacy Statement describes the Privacy Practices we have adopted to protect your Personal Data and to be compliant with regulations pertaining to privacy and data protection. In certain jurisdictions around the world, we have additional requirements that apply to how we Process your Personal Data. Please see the applicable privacy riders for these locations in the links below.

For jurisdiction-specific details, please refer to Annexures 1–5 appended to this Privacy Statement.

1. Privacy Statement

This Privacy Statement applies to Digital Edge and is addressed to individuals outside our organization with whom we interact with in respect of our business, including our customers, prospective customers, job applicants, users of our Websites or Facilities, and other third parties who provide information to us through various other channels (together, “you”).

By using our Websites or Services, or otherwise providing information to us, you agree that your Personal Data will be handled as described in this Privacy Statement. Your use of our Websites is also subject to our Terms of Use, which sets forth important information about your use of our Websites.

This Privacy Statement may be amended or updated from time to time to reflect changes in our practices with respect to the Processing of Personal Data. We encourage you to read this Privacy Statement carefully, and to regularly check this page to review any changes we might make to the same. If you have any questions about how we Process your Personal Data, or would like to lodge a complaint, please contact us at Head of Legal and Compliance: joe.b@digitaledgedc.com.

2. Collection of Personal Data

Summary: We collect or obtain Personal Data from you from different sources, including automatically as you use our Websites or Services; when you contact us or request information; during the course of our relationship with you (or your employer); when you make Personal Data public; when you register to use any of our Services; or when you interact with our third party content or advertising partners on their websites. We may also receive Personal Data about you from third parties (e.g., law enforcement authorities, research providers, and financial institutions).

PLEASE NOTE: We do not ask about or collect sensitive or special category Personal Data about you, e.g., information relating to your health, genetic information, religion, political beliefs, union membership, race, or sexual orientation. We ask that you do not send or provide this information to us under any circumstances.

How we collect and Process Personal Data can vary based on how and why you interact with us. Namely, we Process Personal Data as follows:

Information We Collect Directly from You. When you communicate or do business with us, we collect information from you, and this may include personal information. For example, we collect information from you when you buy our Services, create an online account with us, request information from us, download information from our Website, submit a trouble ticket, access our Facilities, participate in a contest or survey given by us, attend any of our customer or marketing events, or otherwise engage with us in relation to a Service.

Information We Collect Automatically. We automatically collect information about your use of our Websites or online Services through cookies, web beacons, log files and other technologies (including geotagging). We may use this information in aggregated form, or we may associate it with your username and other personal information that we collect about you. We may also combine information collected about you on one of our Websites with information collected through other means for the same purposes as we would use such information in non-combined form. Please see the section “Our Use of Cookies and other Tracking Mechanisms” below for more information.

Information About Your Use of Our Services. Where permitted, we also collect information about your use of our Services, Facilities and Websites, including power utilization, capacity usage, traffic data, CCTV images, security data, and your access rights and privileges (e.g., credentials supplied, biometric data, etc.).

Information We Collect from Third Parties. In addition, we may collect or obtain your Personal Data directly from third parties. These third parties typically consist of research service providers, credit agencies, and law enforcement agencies. Where permitted, we may combine this data with information that we already maintain about you.

You can choose not to provide Personal Data to us in certain circumstances. However, please note that if you decline to provide us with your Relevant Personal Data and such information is necessary for us to provide Services to you, or for you to access our Websites or Facilities, or to perform administrative functions in respect of the same (e.g., billing, customer support, etc.), we may be unable to do these things for you.

3. Type and Categories of Personal Data

Summary: The type and categories of Personal Data we collect and Process may include, but is not limited to: your personal details (e.g., your name, age, and gender); demographic data (e.g., your location and language preferences); your contact details (e.g., your telephone number and email address); records of your consents; work order details; information about our Websites (e.g., the type of device you are using); details of your employer; information about your interactions with our content or advertising; and any views or opinions you provide to us.

PLEASE NOTE: We do not process personal information or data on behalf of our customers, and we do not have access to (nor monitor) our customers’ data which (i) is stored or processed by them on their servers or systems within our Facilities or (ii) otherwise transits over or through our Network Services.

We Process the following type and categories of Personal Data:

Personal Details: given name(s), preferred name, age, and gender.

Demographic Information: salutation, job title, and language preferences.

Contact Details: correspondence and business address, telephone number, email address, details of personal/executive assistants (where applicable), messenger application preference, online messaging details, and social media details.

Consent Records: records of any consents you have given, together with the date and time, means of consent and any related information (e.g., the subject matter of the consent (i.e., for credit checks, background checks, etc.).

Access Records: dates, times and locations of access to our Websites or Facilities; access credentials, including any location data or biometric data you choose or consent to provide to us.

Work Order Details: records of work orders placed on our Customer Portal.

Data Relating to Our Websites: your device type, operating system, browser type, browser settings, IP address, language settings, date and time of connecting to a Site, usage data, and aggregate statistical information; as well as your Customer Portal usage statistics (including settings, dates and times of connecting to the Customer Portal and other technical communications information such as username, password, security login details).

Employer Details: where you interact with us in your capacity as an employee of a third party, the name, address, telephone number and email address of your employer.

Content and Advertising Data: records of your interactions with our online advertising and content, records of advertising and content displayed on pages, and any interaction you may have had with such content or advertising (e.g., mouse hover, mouse clicks, any forms you complete in whole or in part) and any touchscreen interactions.

Job Applicants: education details, job and salary history and other information gathered during the interview process.

4. Purposes of Processing and Legal Basis

Summary: We Process Personal Data for various reasons, including but not limited to providing you with access to our Websites, Customer Portal, and Services; communicate with you; manage our IT systems in connection with our business; ensuring health and safety of all our customers, employees, and allow access to our Facilities.

Subject to applicable laws, we Process Personal Data for the following purposes:

To provide our Services to you, to communicate with you about your use of our Services, and to fulfil your orders for additional Services (including via email, telephone, audio or video conference, text message, social media, post or in person).

To provide secure access to our Facilities, including by means of secure access systems which processes your Personal Data, including any access credentials and any biometric data you may choose to provide for these purposes.

For the purpose for which you specifically provided the Personal Data to us, including, to respond to your inquiries, provide information that you requested, address trouble tickets, and provide you with support in respect of your Services.

To deliver customized content to you, offer location based, personalized help and instructions, and otherwise personalize your experience while using our Websites or our Services.

To better understand how users’ access and use our Websites and Services, both on an aggregated and individualized basis, to administer, monitor, and improve our Websites and Services, for our internal purposes, and for other research and analytical purposes.

For marketing and promotional purposes (e.g., we may use your Personal Data to contact you with newsletters, special offers and promotions, or to otherwise about products or information we think may interest you, as well as to track the success of our marketing and advertising campaigns).

To assist us in advertising our products and services in various mediums including, without limitation, sending promotional emails, advertising our services on third party Websites and social media platforms, direct mail, and by telemarketing.

To undertake health and safety assessments and related compliance activities (including record keeping) in order to ensure a safe and secure environment to all individuals working or present at our Facilities.

To protect our customers, employees, or property, including management, monitoring and operation of our IT and security systems — for instance, to investigate fraud, harassment or other types of unlawful activities involving third parties that we do business with, and to enforce this Privacy Statement, as well as our Terms of Use.

For our recruitment activities, including interview activities; analysis of suitability for the relevant position; records of hiring decisions; offer details; and acceptance details.

The legal basis on which we Process Personal Data depends on the type and context in which we obtained the information from you, and can include:

Having a legitimate interest in providing our Services to you (to the extent that such legitimate interest is not overridden by your fundamental rights or freedoms),

Having obtained your prior consent (but only for the scope and purposes of that consent), or

Having an obligation or duty (i) to protect the vital interests of any person or (ii) to comply with a legal or regulatory obligation.

5. Disclosure of Personal Data to Third Parties

Summary: We may disclose Personal Data to third parties, including but not limited to, legal and regulatory authorities, our external advisors, our Processors, and any third-party that as necessary in connection with: the provision of our Services to you, legal proceedings where the Personal Data may be relevant, and for investigating, detecting, or preventing criminal offences.

PLEASE NOTE: We do not sell Personal Data to third parties.

To the extent permitted by law, we may share your information as follows:

Affiliates. We may disclose the information we collect from you to our affiliated companies. Our affiliates may use your information for the purposes indicated in this Privacy Statement, including to market their products and services to you.

Marketing Partners. We may jointly offer a product or service, such as data and internet communications products and services, with third parties who are system integrators, resellers, solution partners, network partners and affinity organizations. If we do so, we may share your information, such as your email address, phone number, or mailing address, with these third parties to assist in providing and marketing that product or service to you, as well as to enable the third parties to market their own products and services to you.

Service Providers. We may disclose the information we collect from you to third party vendors, service providers, contractors or agents who perform functions on our behalf, including but not limited to entities that provide website hosting, service/order fulfilment, customer service, and credit card processing. These third parties are sometimes necessary for us to provide our Services to you or to fulfil your requests or orders. We take steps to ensure that third party contracts contain appropriate data protection and security language.

Business Transfers. If we are acquired by or merge with another company, or if substantially all our assets are transferred to another company, we may transfer the Personal Data we have collected from you to the other company.

In Response to Legal Process. We may disclose Personal Data we collect from you in order to comply with applicable law, judicial proceedings, court orders, or other legal process or proceedings.

To Protect Us and Others. We may disclose Personal Data we collect from you where we believe it is necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms of Use or this Privacy Statement, or as evidence in litigation in which we are involved.

Other Purposes for Which We May Seek Your Consent: From time to time, we may seek your consent to use your Personal Data for a purpose not described in this Privacy Statement, which may include the consent to share such Personal Data with third parties.

Aggregate and De-Identified Information. We may share aggregate or de-identified information about users with third parties for marketing, advertising, research, or similar purposes.

The complete list of processors to whom we disclose Personal Data and the associated purposes can be found at the following https://www.digitaledgedc.com/privacy-subprocessors.

If we engage a third-party “Processor” to Process your Personal Data, we will ensure the contract between us and the third-party Processor contains adequate provisions to (i) restrict their ability to Process the Personal Data only in accordance with our prior written instructions, and (ii) ensure adequate measures to protect the confidentiality and security of the Personal Data.

6. Communications and Marketing

Where permitted by applicable law, we may send periodic promotional or informational emails to you. You may opt-out of such communications by following the opt-out instructions contained in the e mail. Please note that it may take several days for us to process opt-out requests. If you opt-out of receiving emails about recommendations or other information we think may interest you, we may still send you e-mails about your account or any Services you have requested or received from us.

7. Cross Border Transfers of Personal Data

Digital Edge may transfer Personal Data across national borders for Processing, but only if permitted by local law. The countries to which we transfer Personal Data are Hong Kong, Singapore, Australia and such other locations as may be specifically referenced in a particular county specific rider (if any). Where we transfer your Personal Data to recipients located outside the country in which the Personal Data was collected, we do so on the basis of Standard Contractual Clauses. You are entitled to request a copy of our Standard Contractual Clauses by contacting us in accordance with the “Clause 18” below.

8. Third-Party Links

Our Websites may contain links to third-party websites. Any access to and use of such linked websites is not governed by this Privacy Statement but is instead governed by the privacy policies of those third party websites. We are not responsible for the information practices of such third-party websites.

Our Websites may also include social media plugins such as “like” and “share” buttons. By clicking on such a plugin, the data you want to “like” or “share” will be provided to the relevant social media site. We are not responsible for the practices of such third-party social media sites once you have clicked on any such button. We will not collect any data about you from social media sites.

9. Data Security

We have implemented appropriate technical and organizational security measures designed to protect your Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, unauthorized access, and other unlawful or unauthorized forms of Processing, in accordance with applicable law.

Because the internet is an open system, the transmission of information via the internet is not completely secure. Although we will implement all reasonable measures to protect your Personal Data, we cannot guarantee the security of your data transmitted to us using the internet – any such transmission is at your own risk, and you are responsible for ensuring that any Personal Data that you send to us are sent securely.

10. Data Accuracy

We take every reasonable step to ensure that the Personal Data that we collect about or from you is accurate and, where necessary, kept up to date. If any of your Personal Data is inaccurate (having regard to the purposes for which it was collected and Processed), we take necessary steps as is required to ensure that such inaccurate data is erased or rectified without delay.

From time-to-time, we may ask you to confirm the accuracy of your Personal Data. 11. Data Minimization

We take every reasonable step to ensure that your Personal Data that we Process are limited to the Personal Data reasonably necessary in connection with the purposes set out in this Privacy Statement Notice.

12. Data Retention

We take every reasonable step to ensure that your Personal Data are only Processed for the minimum period necessary for the purposes set out in this Privacy Statement. The criteria for determining the duration for which we will retain your Personal Data are as follows:

We will retain Personal Data in a form that permits identification only for as long as: We maintain an ongoing relationship with you; or

Your Personal Data are necessary in connection with the lawful purposes set out in this Privacy Statement, for which we have a valid legal basis, plus

The duration of (i) any applicable limitation period under applicable law (i.e., any period during which any person could bring a legal claim against us in connection with your Personal Data, or to which your Personal Data are relevant); and (ii) an additional two (2) month period following the end of such applicable limitation period (so that, if a person brings a claim at the end of the limitation period, we are still afforded a reasonable amount of time in which to identify any Personal Data that are relevant to that claim); and

If any relevant legal claims are brought against us by you, we will continue to Process Personal Data for such additional periods as are necessary in connection with that claim.

During the periods noted in the last 2 paragraphs above, we will restrict our Processing of your Personal Data to storage of, and maintaining the security of, that data, except to the extent required to defend or prosecute a claim involving that Personal Data.

Once the foregoing retention period expires, we will either (i) permanently delete or destroy the relevant Personal Data; or (ii) anonymize the relevant Personal Data so that it is no longer considered Personal Data under relevant laws.

13. Your Rights

Subject to applicable law, you may have the following rights regarding our Processing of your Personal Data:

Right to be informed: you have a right to know what Relevant Personal Data we have about you, what we do with it, where we get it from, who we share it with, how long we keep it and why we need it.

Right not to Provide. The right not to provide Personal Data to us, however, please note that as mentioned earlier, we may not be able to provide you with the full benefit of our Websites or Services if you elect not to provide us with your Personal Data).

Right of Access. The right to request access to, or copies of, your Relevant Personal Data.

Right of Rectification. The right to request rectification of any inaccuracies in your Relevant Personal Data.

Right to be Forgotten. The right to request, on legitimate grounds:

Erasure of your Relevant Personal Data; or

Restriction of Processing of your Relevant Personal Data.

Right to Data Portability. The right to have certain Relevant Personal Data transferred to another Controller, in a structured, commonly used and machine-readable format, to the extent applicable and practicable.

Right to Withdraw Consent. Where we Process your Relevant Personal Data on the basis of your consent, you have the right to withdraw that consent (noting that such withdrawal does not affect the lawfulness of any Processing performed prior to the date on which we receive notice of such withdrawal and does not prevent the Processing of your Relevant Personal Data in reliance upon any other available legal basis).

Right to Complain. The right to lodge complaints regarding the Processing of your Relevant Personal Data with a Data Protection Authority.

Right to Restrict Use: You have the right to limit the way we Process your Relevant Personal Data.

Right to Challenge Automated Decisions: you have the right to query and review decisions made about you using purely automated means (i.e., without human involvement or intervention) based on your Relevant Personal Data.

The forgoing rights are not intended to limit your statutory rights. To exercise one or more of these rights, or to ask a question about these rights or any other provision of this Privacy Statement, or about our Processing of your Relevant Personal Data, please send an email to Head of Legal and Compliance: joe.b@digitaledgedc.com.

Please note that in some cases it will be necessary to provide evidence of your identity before we can give effect to these rights. In addition, where your request requires the establishment of additional facts (e.g., a determination of whether any Processing is non-compliant with applicable law) we will investigate your request promptly, before deciding what action to take. In addition, where permitted under applicable law, we may charge you a reasonable fee to access your Relevant Personal Data, however, we will advise you of any fee in advance of providing you access.

14. Our Use of Cookies and other Tracking Mechanisms

When you visit our Websites, we will typically place Cookies onto your device, or read Cookies already on your device, subject always to obtaining your consent, where required, in accordance with applicable law. We use Cookies to record information about your device, your browser and, in some cases, your preferences and browsing habits. We Process Personal Data through Cookies and similar technologies, in accordance with our Cookie Policy.

15. Direct Marketing

We Process Personal Data to contact you via email, telephone, direct mail, or other communication formats to provide you with information regarding services that may be of interest to you. If we provide our services to you, we may send information to you regarding our services, upcoming promotions and other information that may be of interest to you, using the contact details that you have provided to us, subject always to obtaining your prior opt-in consent to the extent required under applicable law.

You may unsubscribe from our promotional email list at any time by simply clicking on the unsubscribe link included in every promotional email we send. After you unsubscribe, we will not send you further promotional emails, but in some circumstances, we will continue to contact you to the extent necessary for the purposes of any services you have requested.

16. Third-Party Ad Networks

We may use third parties such as network advertisers to display advertisements about Digital Edge on third party websites. Network advertisers display advertisements on third-party sites, based on your visits to our Websites as well as other websites. This enables us and these third parties to target advertisements by displaying ads for products and services in which you might be interested.

Third party ad network providers, advertisers, sponsors and/or traffic measurement services may use cookies, JavaScript, web beacons (including clear GIFs), Flash LSOs and other technologies to measure the effectiveness of their ads, to personalize advertising content to you, and to track your movements on our Websites and on other third-party sites. These third-party cookies and other technologies are governed by each third party’s specific privacy policy, and not this one. We may provide these third-party advertisers with de-identified information about your usage of our Websites and our Services, as well as aggregate information about visitors to our Websites and users of our Services; however, we do not share your personal information with these third parties.

You may opt-out of many third-party ad networks. For more information regarding this practice, and your choices regarding having this information used by these companies, including how to opt-out of third party ad networks operated by, please visit their respective websites.

17. Children’s Privacy

We encourage parents and guardians to take an active role in their children’s online activities. We do not aim our Websites at children. If you believe that we may have collected Personal Data about someone who is under the applicable age of consent in your country without proper consent of the child’s parent or guardian, please contact us by sending an email to privacy@digitaledgedc.com.

18. Details of Controllers

For the purposes of this Privacy Statement, the relevant controllers are the affiliates of DEA TopCo LP and Digital Edge (Singapore) Holdings Pte Ltd.

Contact details:

Head of Legal and Compliance: joe.b@digitaledgedc.com

19. Definitions

“Cookie” means a small file that is placed on your device when you visit a website (including our Websites). In this Privacy Statement, a reference to a “Cookie” includes analogous technologies such as web beacons and clear GIFs.

“Controller” means the entity that decides how and why Personal Data are Processed. In many jurisdictions, the Controller has primary responsibility for complying with applicable data protection laws.

“Customer Portal” means any online portal that provides information or interactive functionality.

“Data Protection Authority” means an independent public authority that is legally tasked with overseeing compliance with applicable data protection laws.

“Digital Edge”, “we”, “us”, “our” means DEA TopCo L.P., Digital Edge (Singapore) Holdings Pte Ltd., and their direct and indirect wholly owned and/or controlled subsidiaries.

“Facilities” means any of our offices and data centers and other property sites which we own, lease and/or operate in connection with our business.

“Network Services” means network connectivity services provided by us to our customers in connection with our data center services (e.g., cross connects, internet exchange and traditional voice, data and video connectivity services).

“Personal Data” means information that is about any individual, or from which any individual is directly or indirectly identifiable, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.

“Process”, “Processing” or “Processed” means anything that is done with any Personal Data, whether by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

“Processor” means any person or entity that Processes Personal Data on behalf of the Controller (other than employees of the Controller).

“Relevant Personal Data” means Personal Data in respect of which we are the Controller.

“Services” means all products and services offered by Digital Edge, including Network Services, whether available online or offline.

“Standard Contractual Clauses” means template transfer clauses adopted by the European Commission or adopted by a Data Protection Authority.

“Websites” means any of the Digital Edge websites operated, or maintained, by us or on our behalf, including our Customer Portal (including any mobile version of such websites), whether operated under the Digital Edge brand or other name that we own.

“Services” means all products and services offered by Digital Edge, including Network Services, whether available online or offline.

Annexure 1 – India Rider

India Rider

This addendum (“Addendum”) supplements the Digital Edge Privacy Statement and Practices (“Privacy Statement”) and sets forth, in greater detail, the information related to how Digital Edge processes Personal Data of users in India in compliance with applicable privacy regulations in India. The Addendum constitutes an integral part of the Privacy Statement.

Children’s privacy

Notwithstanding Section 17 of the Privacy Statement, we do not Process any Personal Data of children under the age of 18.

If you have any questions or inquiries in relation to this Privacy Statement, or would like to exercise your data subject rights, please direct your questions, inquiries or requests to:

Chief Legal and Compliance Officer

Name: Manish Sansi

Address: 903, C/66, G Block, One BKC Building, Opposite Bank of Baroda, Bandra (East), Mumbai – 400051

Annexure 2 – China Rider

China Rider

This addendum (“Addendum”) supplements the Digital Edge Privacy Statement and Practices (“Privacy Statement”) and sets forth, in greater detail, the information related to how Chuanjun Electronic Technology (Shanghai) Co., Ltd. and its direct and indirect subsidiaries (hereafter “Digital Edge”) processes personal data of users in the People’s Republic of China (“PRC”, for the purpose of this Addendum, excluding Hong Kong Special Administrative Region, Macau Special Administrative Region, and Taiwan) under the applicable privacy regulations in the PRC. The Addendum constitutes an integral part of the Privacy Statement.

Where we will seek your consent

Notwithstanding Section 1 of the Privacy Statement, we will obtain your consent to collect, use, share, transfer (including but not limited to overseas transfer), disclose or otherwise process your Personal Data (which term where used in this Addendum shall be deemed to include reference to Sensitive Personal Data) if and to the extent required by the applicable laws. Where required, we will obtain your explicit and/or separate consent for Processing of your Personal Data, including but not limited to disclosing your Personal Data with any third parties, overseas transfer of your Personal Data, direct marketing, Processing of your Sensitive Personal Data, etc. (if any).

Processing of Sensitive Personal Data

“Sensitive Personal Data” refers to data which, if breached, illegally provided or abused, may threaten personal or property safety and easily result in damage to personal reputation, or physical/mental health, or discrimination. Examples of Sensitive Personal Data include (but are not limited to) biometric data, religion, specific social status, medical health information, financial accounts, tracking/location information; and personal data of children 14 years of age or under.

Notwithstanding Section 2 of the Privacy Statement, we will seek your separate consent for Processing of your Sensitive Personal Data (if any) and implement appropriate protective measures to safeguard your Sensitive Personal Data.

Use of your Personal Data

We will obtain your consent if we would like to Process your Personal Data for purposes other than those stated in the Privacy Statement.

Automated decision making

Any analytics or evaluation based on computer program around behavior, interests, hobbies, credit information, health or decision-making activities, are transparent, open and fair, and do not apply any differential treatment between individuals.

You may opt out customized or personalized marketing conducted based on automated decision making. You may also request us to provide an explanation on any decisions that may materially impact you based on automated decision making, and deny our decision made solely based on automated decision making.

Disclosure of Personal Data to third parties

Notwithstanding Section 5 of the Privacy Statement, with your separate consent, we may disclose or share your Personal Data to third parties as below.

Fesco 北京外企人力资源服务有限公司 Beijing Foreign Enterprise Human Resource Service Co., Ltd.

Contact: 北京市朝阳区朝阳门南大街 14 号, No. 14 Chaoyangmen South Street, Chaoyang District, Beijing, +86 10 8569 1286

Purpose of use of personal information by the person receiving personal information: Payroll, bookkeeping and tax related services on behalf of Digital Edge.

Means and Method of Disclosure: Personal information is encrypted using a safe security server after collection and transferred to data server through information and communications network as required.

Categories of personal information transferred: For Employees and candidates for employment: name, age, bank account details, employee ID, dependents, passport, family relation certificate, employment agreement, contact information (phone, address, email, etc) and salary information. For suppliers and third parties: Any details included on invoices, including VAT number, bank details, transaction details related to the goods and services acquired by or from Digital Edge.

北京外企德科人力资源服务上海有限公司 Fesco Adecco Human Resources Service Shanghai Co., Ltd.

Contact: 上海市黄浦区中山南路 28 号久事大厦附楼, Annex building, Jiushi Building, No. 28, Zhongshan South Road, Huangpu District, Shanghai, +86 21 6358 9999

Purpose of use of personal information by the person receiving personal information: Payroll, bookkeeping and tax related services on behalf of Digital Edge.

Categories of personal information transferred: For Employees: name, age, bank account details, employee ID, dependents, passport, family relation certificate, employment agreement, contact information (phone, address, email, etc) and salary information. For suppliers and third parties: Any details included on invoices, including VAT number, bank details, transaction details related to the goods and services acquired by or from Digital Edge.

全景求是管理顾问（北京）有限公司 Panoramic Qiushi Management Consultant (Beijing) Co., Ltd.

Contact: 北京市朝阳区东四环中路 56 号远洋国际中心 A 座 23 层, 23F, Building A, Yuanyang International Center, No. 56, Middle Dongsihuan Road, Chaoyang District, Beijing, 4008151150

Purpose of use of personal information by the person receiving personal information: To conduct reference checks for hiring purpose.

Categories of personal information transferred: name, telephone number, email address, ID, nationality, address, working experience, contact and employment information (including details of compensation) relating to previous employment education history and proof For suppliers and third parties: Any details included on invoices, including VAT number, bank details, transaction details related to the goods and services acquired by or from Digital Edge.

上海开源智造软件有限公司 OS Consulting Group Limited

Contact: 上海市杨浦区国定东路 200 号 2 号楼 5 层, 5th Floor, Building 2, No. 200, Guoding East Road, Yangpu District, Shanghai

Purpose of use of personal information by the person receiving personal information: To conduct business workflow testing in Digital Edge’s ERP system.

Categories of personal information transferred: Contact Details: correspondence and business address, telephone number, email address, Work Order Details: records of work orders placed on our Customer Portal. Data Relating to Our Websites: your device type, operating system, browser type, browser settings, IP address, language settings, date and time of connecting to a Site.

Cross border transfer of Personal Data

Notwithstanding Section 1 of the Privacy Statement, we may, with your explicit and separate consent, transfer your Personal Data to recipients located outside of China, and your Personal Data may be stored in or accessed from outside of China, pursuant to legally acceptable mechanisms that are aimed at ensuring an adequate level of protection as regards your Personal Data under applicable laws, including but not limited to putting in place appropriate contractual agreements with the data recipients, and any other necessary measures to ensure the data recipient’s data processing activities comply with standards comparable to those set out under the applicable PRC laws and regulations.

We provide below the relevant information in relation to the cross-border transfer of your Personal Data:

Digital Edge (Singapore) Pte Ltd.

Country to which personal information is transferred: Singapore

8 Temasek Boulevard

#33-01/02 Suntec Tower Three

Singapore 038988

Time and method of transfer of personal information: Personal information is encrypted using a safe security server after collection and transferred to data server through information and communications network as required.

Categories of personal information transferred: E-mail address, encrypted password(s), name(s), phone numbers, registered social media (Line, WhatsApp, LinkedIn, etc.), address, and services acquired.

Purpose of use of personal information by the person receiving personal information: Storage and management of collected personal information of suppliers and third parties, Hosting and IT support, Business support – central support functions (service support, billing, communications, marketing, hiring of potential candidates and undertaking background checks, etc), Global business analysis of central support function at the Digital Edge Group level.

Period of retention and use of personal information by the person receiving personal information: Retain in accordance with Digital Edge Group data retention policy, (except where it is necessary to retain personal information under the relevant laws and regulations).

Digital Edge (Hong Kong) Limited

Country to which personal information is transferred: Hong Kong

Contact detail: Level 24, Central Plaza, 18 Harbour Road, Wan Chai, Hong Kong

Purpose of use of personal information by the person receiving personal information: Same as above.

Period of retention and use of personal information by the person receiving personal information: Same as above.

Cloudstaff Pty Ltd

Country to which personal information is transferred: Australia | Philippines

Contact detail: Level 11, 1 Margaret Street, Sydney, NSW 2000/ jaehyunl@cloudstaff.com

Categories of personal information transferred: Name, Surname, Address, Email Address, Telephone no., IP address, data collected on Digital Edge’s Customer Portal (Odoo.com).

Purpose of use of personal information by the person receiving personal information: General support service via chat service. Our Helpdesk staff and engineers may access this information in a limited and reasonable manner in order to solve any issue with our services, or at your explicit request for support reasons, or as required by law, or to ensure the security of our services in case of violation of our Acceptable Use Policy in order to keep our services secure.

Period of retention and use of personal information by the person receiving personal information: 2 years.

Odoo Limited

Country to which personal information is transferred: Singapore

Contact detail: Odoo S.A. – Data Protection, Chaussée de Namur, 40 1367 Grand Rosière, Belgium | Privacy Policy:

Categories of personal information transferred: Email address, name, postal address, telephone number(s), IP addresses, job applications (and if we decide to send you a job offer, we will also ask you to provide extra personal details as required to fulfill our legal obligations and personnel management requirements), browser language and geolocation.

Purpose of use of personal information by the person receiving personal information: Odoo does not use the personal data directly but provides cloud-based ERP Software as a service to Digital Edge which will use the data to support sales, operations, and billing services for our suppliers, customers and manages our Human Resource Information System, including our recruiting process.

Period of retention and use of personal information by the person receiving personal information: Information will be stored on the supplier’s server as long as the business need and will be accessed by Digital Edge’s personal only.

Metabase, Inc.

Country to which personal information is transferred: Virginia, USA

Contact detail: 660 4th Street, #557, San Francisco, CA 94107

Categories of personal information transferred: Email address, name, postal address, telephone number(s), IP addresses, browser language and geolocation and other anonymized data which can be found at: .

Purpose of use of personal information by the person receiving personal information: Metabase does not use the personal data directly but provides cloud-based business intelligence/data visualization software as a service to Digital Edge which will use the data to support decision making and operations. Metabase uses anonymized data to improve on the products and services offered to Digital Edge.

Period of retention and use of personal information by the person receiving personal information: Information will not be stored on Metabase’s servers – once the service or script is complete, the information is deleted and no longer stored or accessible on Metabase’s servers.

Trustifi LLC

Country to which personal information is transferred: Singapore

Contact detail: Trustifi LLC, 6543 S Las Vegas Blvd, Las Vegas, NV 89119

Telephone: 1-888-689-6680

Email: support@trustificorp.com

Time and method of transfer of personal information: Personal information is protected for both in transit and in rest by market standard’s encryption.

Categories of personal information transferred: E-mail address, E-mail content, Names and email addresses of senders/ recipients of emails; Photographs, images, and videos; Device identifiers – such as the Internet Protocol (IP) address and other types of unique device identifiers. Personal information which is collected and processed by Trustifi may also include sensitive data, which may reveal your ethnic origin, health data, religion, sexual orientation, etc.

Purpose of use of personal information by the person receiving personal information: Scan and encrypt files and email content to identify and filter out potential phishing attempts and viruses. As part of the scanning process, Trustifi may have access to various types of personal information set forth above, however, they will only use and process such information for the sole purpose of providing the services to Digital Edge (namely anti-phishing and anti-virus scanning).

Period of retention and use of personal information by the person receiving personal information: For as long as necessary to provide the services to Digital Edge, and as necessary to comply with Trustifi’s legal obligations, resolve disputes, and enforce our policies. Retention periods will be determined to take into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time.

Microsoft Regional Sales Pte Ltd.

Country to which personal information is transferred: Hong Kong and Singapore

Contact detail: Microsoft Data Protection Officer, One Microsoft Place, South County Business Park, Leopardstown Dublin 18 D18 P521, Ireland

Telephone: +353 (1) 706-3117
www.microsoft.com/en-hk/concern/privacy

Time and method of transfer of personal information: Data is transferred to supplier’s servers in encrypted tunnel and stored on the server with industrial lead encryption algorithm. The information will be transferred to the server from time to time.

Categories of personal information transferred: Email address, name, postal address, IP address, email content, Personal information may also include sensitive data, which may reveal your ethnic origin, health data, religion, sexual orientation, etc.

Purpose of use of personal information by the person receiving personal information: Microsoft provides cloud-based office suite used by Digital Edge, consisting of client software applications and connected experiences designed to enable customers like Digital Edge to create, communicate, and collaborate more effectively.

Period of retention and use of personal information by the person receiving personal information: Information will be stored on Microsoft’s server as long as necessary to provide the products and fulfill the transactions requested by Digital Edge, or for other legitimate purposes such as complying with its legal obligations, resolving disputes, and enforcing its agreements with Digital Edge. Because these needs can vary for different data types, actual retention periods can vary significantly.

Nuroho Software Consulting

Country to which personal information is transferred: Singapore

Contact detail: Jl. Margorejo Indah XV, Margorejo, Kec. Wonocolo, Kota SBY, Jawa Timur 60238, Indonesia

Telephone: +62 811-3057-1746
https://nurosoft.id

Categories of personal information transferred: Contact Details: correspondence and business address, telephone number, email address, Work Order Details: records of work orders placed on our

Customer Portal. Data Relating to Our Websites: your device type, operating system, browser type, browser settings, IP address, language settings, date and time of connecting to a Site.

Purpose of use of personal information by the person receiving personal information: For PT. Nuroho Software Consulting to conduct business workflow testing.

Period of retention and use of personal information by the person receiving personal information: Information will not be stored on Nuroho Software Consulting’s servers – once the service or script is complete, the information is deleted and no longer accessible by PT. Nuroho Software Consulting.

You may exercise your data subject rights as specified in Section 13 of the Privacy Statement. Data retention

Notwithstanding Section 12 of the Privacy Statement, we will keep your Personal Data for as long as necessary for the fulfillment of the purpose for which it is used, unless applicable law permits or requires a longer retention period.

Children’s privacy

Notwithstanding Section 17 of the Privacy Statement, we do not Process any Personal Data of children under the age of 14.

Contact

If you have any questions or inquiries in relation to this Privacy Statement, or would like to exercise your data subject rights, please direct your questions, inquiries or requests to:

Kevin Wang

Tel: +86 2163509990

Email: kevin.wang@digitaledgedc.com

Address: 1106, Level 11, Verdant Place, 128 West Nanjing Road, Shanghai 200003, P.R.China.

Annexure 3 – Philippines Rider

Philippines Rider

If you are a citizen or resident of Philippines, you have certain rights under the Philippines’ Data Privacy Act of 2012 (Republic Act No. 10173 or “the DPA”). Below, we provide a description of your rights regarding your personal information. Right to Damages You have the right to be indemnified for any damages sustained due to an inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of your Personal Data, taking into account any violation of your rights and freedoms as data subject. Transmissibility of your Rights Your lawful heirs and assigns may invoke the rights that pertain to you as a data subject in case of death, incapacity, or inability to exercise for yourself such rights. Anonymized Data Whenever Personal Data is described to have been anonymized, aggregated, or de-identified in such a way that it can no longer be considered as Personal Data under the DPA, anonymization means that Personal Data does not anymore relate to you or that Personal Data was rendered anonymous in such a manner that you are not or no longer identifiable.

Annexure 4 – California Rider

California Rider

If you are a California resident, as defined under California law, you have certain rights under the California Consumer Privacy Act of 2018 (“the CCPA”). Below, we provide a description of your rights regarding your personal information.

Right to know about the personal information we collect and share

Effective January 1, 2020, under the CCPA, you have the right to know the specific pieces of personal information we have collected about you in the past 12 months. This includes the categories of information we may have disclosed about you as well as the categories of third parties to whom your personal information may have been disclosed.

You may submit your request for this disclosure by clicking here and we will provide you with the requested information within 45 days once we validate your request.

Categories of information we collect and disclose for a business purpose

You can find the categories of personal information that we collect, the sources from which we may collect your personal information, and the business purposes for such data collection in our Privacy Practices. We have limited needs to share minimal personal information with vendors as described in our , and we never sell your personal information.

Our Privacy Practices cover additional disclosures about your personal information that the CCPA requires that we provide to you.

Right of Deletion

To the extent you are a person with whom we interact solely for marketing purposes, the following applies to you:

You have the right to request that we delete your personal information, subject to certain exceptions. After we receive and validate your request, we will delete your personal information, as well as direct our service providers to delete your personal information, unless an exception applies. You may request that we delete your data by clicking here to submit your request.

Annexure 5 – Japan Rider

Japan Rider

If you are a Japanese resident, as defined under Japanese law, we may process your Personal Data in accordance with the Act on the Protection of Personal Data (Act No. 57 of 2003) (the “APPI”) and you have certain rights under the APPI. Below, we provide a supplementary description of how we share your Personal Data with third parties under the APPI. The Addendum constitutes an integral part of the Privacy Statement.

In addition to the “COMMUNICATIONS AND MARKETING” section, the following clause shall apply. We may send periodic promotional or informational emails to you by obtaining your consent.

In addition to the “DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES” section, the following clause shall apply.

When we share your Personal Data with our affiliates, Head of Legal and Compliance: joe.b@digitaledgedc.com. Digital Edge (Singapore) Pte. Ltd. , 8 Temasek Boulevard, #33-01/02 Suntec Tower Three, Singapore 038988 is responsible for the management of the shared information. The Digital Edge affiliates which will receive Personal Data are:

Digital Edge (Singapore) Pte Ltd.

Country to which Personal Data is transferred: Singapore

Digital Edge (Singapore) Pte. Ltd.

8 Temasek Boulevard

#33-01/02 Suntec Tower Three

Singapore 038988

Time and method of transfer of Personal Data: Personal Data is encrypted using a safe security server after collection and transferred to data server through information and communications network as required

Categories of Personal Data: E-mail address, encrypted password(s), name(s), phone numbers, registered social media (Line, WhatsApp, LinkedIn, etc.), address, and services acquired.

Purpose of use of Personal Data the person receiving personal information: Storage and management of collected personal information of customers and potential customers, Hosting and IT support, Business support – central support functions (service support, billing, customer communications, marketing, hiring of potential candidates and undertaking background checks, etc), Global business analysis of central support function at the Digital Edge Group level.

Period of retention and use of Personal Data by the person receiving personal information: Retain in accordance with Digital Edge Group data retention policy, (except where it is necessary to retain personal information under the relevant laws and regulations).

Digital Edge (Hong Kong) Pte Ltd.

Country to which Personal Data is transferred: Hong Kong

Contact detail: Level 24, Central Plaza, 18 Harbour Road, Wan Chai, Hong Kong |

Categories of Personal Data transferred: E-mail address, encrypted password(s), name(s), phone numbers, registered social media (Line, WhatsApp, LinkedIn, etc.), address, and services acquired.

Purpose of use of Personal Data by the person receiving personal information: Same as above.

Period of retention and use of Personal Data by the person receiving personal information: Same as above.

We will obtain your consents when we share your Personal Data with marketing partners in general if it is required by the APPI.

The Section 13 “Your Rights” of the Privacy Statement shall be replaced by the following provisions. “Under the APPI, you may have the following rights regarding our Processing of your Personal Data: Right of Access. The right to request access to, or copies of, your Relevant Personal Data.

Right of Rectification and the Like. The right to request rectification, addition or deletion of any inaccuracies in your Relevant Personal Data.

Right to Restrict Use and the Like. The right to limit the way we Process your Relevant Personal Data or request us to delete the same if the data is used beyond the scope stipulated in this Privacy Statement, we have obtained your Relevant Personal Data by deceit, or our use of your Relevant Personal Data induces or promotes illegal or wrongful acts.

The forgoing rights are not intended to limit your statutory rights under the APPI or other applicable laws if any.

To exercise one or more of these rights, or to ask a question about these rights or any other provision of this Privacy Statement, or about our Processing of your Relevant Personal Data, please send an email to.

Please note that in some cases it will be necessary to provide evidence of your identity before we can give effect to these rights.

In addition, where your request requires the establishment of additional facts (e.g., a determination of whether any Processing is non-compliant with applicable law) we will investigate your request promptly, before deciding what action to take.

In addition, where permitted under the APPI or any other applicable law, we may charge you a reasonable fee to access your Relevant Personal Data, however, we will advise you of any fee in advance of providing you access.”

Privacy Statement and Practices

Connect with us

Cookie Notice

Submit a ticket

Download Product Sheet

Download Spec Sheet