When you register to use our Website, App, or Platform, we collect personal information (also referred to
as personally identifiable information or “PII”) which may include your name, online contact information
such as your email address or username, phone number, and other personal information. The information
so collected will be stored on our servers. You are able to change your personal information via email by
contacting us at privacy@vurse.com or through your profile or account settings on our Website, App, or
Platform.

1. Geolocation and Equipment Information. We may collect information that does not personally
   identify you such as (i) your geolocation, and (ii) information about your internet connection, the
   equipment you use to access our Website, App, or Platform, and usage details.


2. Financial Information. We currently do not collect or store any credit cards or bank information,
   as we are using a third-party payment processor. However, we will update this Privacy Policy
   when we start using and storing such information. We will also inform you via reasonable means
   if we start collecting such information from you.

We collect personal information from you in the following ways:

1. At registration on our Website, App, or Platform;
2. Through mobile and desktop applications your downloads from our Website, App, or Platform,
   which provides dedicated non-browser based interaction between you and our Website, App, or
   Platform;
3. When you interact with our advertising and applications on third-party website and services, if
   those applications or advertising include a link to this Privacy Policy;
4. From you placing an order, which includes details of transactions you carry out on our Website,
   App, or Platform;
5. When you subscribe to a newsletter;
6. From your responses to a survey;
7. From forms filled out by you;
8. From records or copies of correspondences (including email addresses) if you contact us; and
9. From search queries on our Website, App, or Platform.

We collect information from you automatically when you navigate through our Website, App, or Platform
in the following ways:

1. Usage details;
2. IP addresses;
3. Information obtained through browser cookies;
4. Information obtained through flash cookies;
5. Web beacons on our Website; and
6. Other tracking technologies.

We use the information that you provide to:

1. Personalize your experience in using our Platform;
2. Provide you with information, products, or services requested from us;
3. Present our Website, App, and Platform and their contents to you;
4. Provide you with notices about account and/or subscription, including expiration and renewal
   notices;
5. Carry out obligations and enforce rights arising from contracts entered into between you and us,
   including billing and collection;
6. Notify you about changes to our Website, App, and Platform and any products or services;
7. Allow you to participate in interactive features on our Website, App, and Platform;
8. Improve the Website, App, and Platform;
9. Improve our customer service;
10. Administer contests, promotions, and surveys or other Website, App, and Platform features;
11. Process transactions;
12. Send you periodic emails, in accordance with the CAN-SPAM Act of 2003 as detailed in Section
    14, via the email address provided by you to (i) send information, respond to inquiries, and/or
    other requests or questions; (ii) process orders and send information and updates pertaining to
    such orders; (iii) send additional information related to your product and/or service; and (iv)
    market to our mailing list or continue to send email to you after the original transaction has
    occurred.

Cookies are small pieces of text used to store information on web browsers. Cookies are used to store and
receive identifiers and other information on computers, phones, and other devices. Other technologies,
including data we store on your web browser or device, identifiers associated with your device, and other
software, are used for similar purposes. In this Privacy Policy, we refer to all of these technologies as
“Cookies.”

We use Cookies on our Website and App to (a) help remember and process items in the shopping cart, (b)
understand and save your preferences for future visits, (c) keep track of advertisements, and (d) compile
aggregate data about site traffic and site interactions in order to offer better site experiences and tools
in the future. You can set your browser to refuse all or some browser Cookies, but it may affect your user
experience. We honor Do Not Track signals and, if one is in place, we will not track, plant cookies, or use
advertising.

We allow third party behavioral tracking and links to third-party web pages. Occasionally, at our
discretion, we may include or offer third-party products or services on our Website, App, or Platform. These
third-party sites have separate and independent privacy policies. We, therefore, have no responsibility or
liability for the content and activities of these linked sites. Nonetheless, we seek to protect the
integrity of our Website, App, or Platform and welcome any feedback at about these sites. Please contact us
at privacy@vurse.com.

Our Website and App are reasonably scanned to meet or exceed PCI Compliance. Our Website and App receive
regular security scans and penetration tests. Our Website and App also receive regular malware scans. In
addition, our Website and App use an SSL certificate as an added security measure. We require username and
passwords for our employees who can access your personal information that we store and/or process on our
Platform and servers. In addition, we actively prevent third parties from getting access to your personal
information that we store and/or process on our Platform and servers. We accept payment by credit card
through a third party credit card processor on our behalf. We will implement reasonable security measures
every time you (a) place an order, or (b) enter, submit, or access your information, (c) register, or (d)
access our Platform, on our Website and App.

1. Security Measures. We have implemented measures designed to secure your personal information from
   accidental loss and from unauthorized access, use, alteration, and disclosure. All information you
   provide to us is stored on our secure servers behind firewalls. The safety and security of your
   information also depends on you. Where we have given you (or where you have chosen) a password for
   access to certain parts of our Website, App, or Platform, you are responsible for keeping this password
   confidential. We ask you not to share your password with anyone. Unfortunately, the transmission of
   information via the internet is not completely secure. Although we do our best to protect your personal
   information, we cannot guarantee the security of your personal information transmitted to our Website,
   App, or Platform. Any transmission of personal information is at your own risk. We are not responsible
   for circumvention of any privacy settings or security measures contained on our Website, App, or
   Platform.


2. Fair Information Practice Principles. In the event of a personal data breach, we will notify you within
   48 hours via (i) email and/or (ii) our Platform notification system on our Website and/or App. We agree
   to the individual redress principle, which requires that individuals have a right to pursue legally
   enforceable rights against data collectors and processors who fail to adhere to the law. This principle
   requires not only that individuals have enforceable rights against data users, but also that that
   individuals have recourse to courts or a government agency to investigate and/or prosecute
   non-compliance by data processors.

There are times when we may share Personal Information that you have shared with us may be shared by Vurse
with others to enable us to provide you over Services, including contractors, service providers, and third
parties (“Partners”). This section discusses only how Vurse may share such information with Partners. We
will ensure that our Partners protect your Personal Information. The following describe how and with whom we
may share your Personal Information:

Disclosure of Personal Information.

1. We may disclose aggregated, de-personalized information about you that does not identify any individual
   to other parties without restriction, such as for marketing, advertising, or other uses.
2. We may disclose personal information to our subsidiaries and affiliates.
3. We may disclose personal information in the event of a merger, sale of business, etc.
4. We require all other Partners, to whom we disclose your personal information, to enter into contracts
   with us to keep personal information confidential and use it only for the purposes for which we disclose
   it to such Partners.
5. We disclose personal information to fulfill the purpose for which you have provided it, for instance,
   if you gave us an email address to use the “email a friend” feature of the Platform.
6. We may only disclose personal information as described in this Privacy Policy or your consent.

Other Disclosure of Personal Information.

1. We will disclose personal information (i) to comply with any court order, law, or legal process,
   including to respond to any government or regulatory request, (ii) to enforce or apply our Terms of Use
   or Terms of Service and other agreements, including for billing and collection purposes, (iii) if we
   believe it is necessary or appropriate to protect the rights, property, or safety of Vurse, our
   customers or others, and/or (iv) if it is necessary or appropriate to protect the rights, property, or
   safety of Vurse, our customers, or others, and this includes exchanging information with other companies
   and organizations for the purposes of fraud protection and credit risk reduction.

Third Party Disclosure.

1. We do not sell, trade, rent, or otherwise transfer personal information to others, unless we provide you
   with advance notice. This does not include our hosting partners and other parties who assist us in
   operating our Website, App, or Platform, conducting our business, or servicing you, so long as those
   parties agree to keep this information confidential.
2. We provide non-personally identifiable visitor information for marketing purposes.

Choices Users Have About How Vurse Uses and Discloses Information.

1. Tracking Technologies and Advertising. You can set their browser to refuse some or all the browser
   cookies, but if youdisable or refuse cookies, some parts of our Website may not be accessible or
   function properly.


2. Disclosure of Users’ Information for Third-Party Advertising. Users can opt-out by (i) checking the
   relevant form when we collect the data; (ii) logging into the Website, App, or Platform and adjusting
   their preferences in their account profile by checking or unchecking the relevant boxes, or (iii)
   emailing us their opt-out request at privacy@vurse.com. Users receiving promotional email can opt-out by
   sending a return email requesting to be omitted from future promotional email distributions. This
   opt-out will not apply to information provided by Vurse for product purchases, warranty registration, or
   other transactions.

Google, as a third-party vendor, uses Cookies to serve advertisements to Users on our Website, App, and
Platform. Google uses first-party Cookies, such as Google Analytics Cookies, to compile data regarding User
interactions with ad impressions and other ad service functions as they relate to our Platform. We currently
use Google Analytics to collect and process certain Website and App usage data. To learn more about Google
Analytics and how to opt-out, please visit https://policies.google.com/privacy/google-partners.

We have implemented advertising features on our Website, App, and Platform including: (a) remarketing with
Google AdSense; (b) Google Display Network Impression Reporting; (c) Google Demographics and Interests
Reporting; and (d) Google’s DoubleClick platform integration.

We use these Cookies to compile data regarding User interactions with ad impressions and other ad service
functions as they relate to our Website or App.

We are headquartered in the United States. Most of the operations are located in United States. Your Personal
Information, which you give to us during  registration or use of our Website, App or Platform, may be
accessed by or transferred to us in the United States.  If you are visiting our Web site or registering for
our Services from outside the United States, be aware that your Personal Information may be transferred to,
stored, and processed in the United States. Our servers or our third-party hosting services partners are
located in the United States.  By using our site, you consent to any transfer of your Personal Information
out of Europe, UK, or Switzerland for processing in the US or other countries. 

1. We will comply with the EU Standard Contractual Clauses with respect to the transfer of Personal Data
   from the EU to the US for processing. If there is any conflict between the terms and conditions in this
   Privacy Policy and your rights under the EU Standard Contractual Clauses, the terms and conditions in
   the EU Standard Contractual Clauses will govern. For the purposes of this Privacy Policy, “EU Standard
   Contractual Clauses” mean the standard contractual clauses for the transfer of personal data to
   processors established in the US. (Commission Decision 2010/87/EC).

1. Obligations of the data importer (processors)

The data importer agrees and warrants:

1. to process the personal data only on behalf of the data exporter and in compliance with its instructions
   and the Clauses; if it cannot provide such compliance for whatever reasons, it agrees to inform promptly
   the data exporter of its inability to comply, in which case the data exporter is entitled to suspend the
   transfer of data and/or terminate the contract;
2. that it has no reason to believe that the legislation applicable to it prevents it from fulfilling the
   instructions received from the data exporter and its obligations under the contract and that in the
   event of a change in this legislation which is likely to have a substantial adverse effect on the
   warranties and obligations provided by the Clauses, it will promptly notify the change to the data
   exporter as soon as it is aware, in which case the data exporter is entitled to suspend the transfer of
   data and/or terminate the contract;
3. that it has implemented the technical and organizational security measures before processing the
   personal data transferred;
4. that it will promptly notify the data exporter about:
   • any legally binding request for disclosure of the personal data by a law enforcement authority
     unless otherwise prohibited, such as a prohibition under criminal law to preserve the
     confidentiality of a law enforcement investigation,
   • any accidental or unauthorized access, and
   • any request received directly from the data subjects without responding to that request, unless
     it has been otherwise authorized to do so;
5. to deal promptly and properly with all inquiries from the data exporter relating to its processing of
   the personal data subject to the transfer and to abide by the advice of the supervisory authority with
   regard to the processing of the data transferred;
6. at the request of the data exporter to submit its data processing facilities for audit of the processing
   activities covered by the Clauses which shall be carried out by the data exporter or an inspection body
   composed of independent members and in possession of the required professional qualifications bound by a
   duty of confidentiality, selected by the data exporter, where applicable, in agreement with the
   supervisory authority;
7. to make available to the data subject upon request a copy of the Clauses, or any existing contract for
   sub-processing, unless the Clauses or contract contain commercial information, in which case it may
   remove such commercial information, with the exception of Appendix 2 which shall be replaced by a
   summary description of the security measures in those cases where the data subject is unable to obtain a
   copy from the data exporter;
8. that, in the event of sub-processing, it has previously informed the data exporter and obtained its
   prior written consent;

2. Obligations of the data exporter

The data exporter agrees and warrants:

1. that the processing, including the transfer itself, of the personal data has been and will continue to
   be carried out in accordance with the relevant provisions of the applicable data protection law (and,
   where applicable, has been notified to the relevant authorities of the Member State where the data
   exporter is established) and does not violate the relevant provisions of that State;
2. that it has instructed and throughout the duration of the personal data processing services will
   instruct the data importer to process the personal data transferred only on the data exporter's behalf
   and in accordance with the applicable data protection law and the Clauses;
3. that the data importer will provide sufficient guarantees in respect of the technical and organizational
   security measures;
4. that after assessment of the requirements of the applicable data protection law, the security measures
   are appropriate to protect personal data against accidental or unlawful destruction or accidental loss,
   alteration, unauthorized disclosure or access, in particular where the processing involves the
   transmission of data over a network, and against all other unlawful forms of processing, and that these
   measures ensure a level of security appropriate to the risks presented by the processing and the nature
   of the data to be protected having regard to the state of the art and the cost of their implementation;
5. that it will ensure compliance with the security measures;
6. that, if the transfer involves special categories of data, the data subject has been informed or will
   be informed before, or as soon as possible after, the transfer that its data could be transmitted to a
   third country not providing adequate protection within the meaning of Directive 95/46/EC;
7. to make available to the data subjects upon request a copy of the Clauses, with a summary description of
   the security measures, as well as a copy of any contract for sub-processing services which has to be
   made in accordance with the Clauses, unless the Clauses or the contract contain commercial information,
   in which case it may remove such commercial information; and 
8. that, in the event of sub-processing, the processing activity is carried out in at least the same level
   of protection for the personal data and the rights of the data subject as the data importer under the
   Clauses.

3. Liability

1. The parties agree that any data subject, who has suffered damage as a result of any breach of the
   obligations referred above by any party or sub-processor is entitled to receive compensation from the
   data exporter for the damage suffered.


2. If a data subject is not able to bring a claim for compensation in accordance with paragraph a against
   the data exporter, arising out of a breach by the data importer or his sub-processor of any of their
   obligations referred to above, because the data exporter has factually disappeared or ceased to exist in
   law or has become insolvent, the data importer agrees that the data subject may issue a claim against
   the data importer as if it were the data exporter, unless any successor entity has assumed the entire
   legal obligations of the data exporter by contract of by operation of law, in which case the data
   subject can enforce its rights against such entity.


3. If you are a resident of or a visitor to Europe, you have certain rights with respect to the processing
   of your Personal Data, (referred here as Personal Information), as defined in the GDPR.


4. Please note that in some circumstances, we may not be able to fully comply with your request, or we may
   ask you to provide us with additional information in connection with your request, which may be Personal
   Information, for example, if we need to verify your identity or the nature of your request. 


5. In such situations, however, we will still respond to let you know of our decision. As used herein,
   “Personal Information” means any information that identifies you as an individual, such as name,
   address, email address, IP address, phone number, business address, business title, business email
   address, company, etc. 


6. To make any of the following requests, please contact us (i) via email at privacy@vurse.com, or (ii) by
   writing to us at Vurse, 1002 Arenco Tower, Dubai, UAE.
   
   
   1. Access: You can request more information about the Personal Information we hold about you. You
      can also request a copy of the Personal Information.
   2. Rectification: If you believe that any Personal Information we are holding about you is
      incorrect or incomplete, you can request that we correct or supplement such data. Please contact
      us as soon as possible upon noticing any such inaccuracy or incompleteness.
   3. Objection: You can contact us to let us know that you object to the collection or use of your
      Personal Information for certain purposes.
   4. Erasure: You can request that we erase some or all of your Personal Information from our
      systems.
   5. Restriction of Processing: You can ask us to restrict further processing of your Personal
      Information.
   6. Portability: You have the right to ask for a copy of your Personal Information in a
      machine-readable format. You can also request that we transmit the data to another entity where
      technically feasible.
   7. Withdrawal of Consent: If we are processing your Personal Information based on your consent (as
      indicated at the time of collection of such data), you have the right to withdraw your consent
      at any time. Please note, however, that if you exercise this right, it may limit your ability to
      use some/ all of our Services or Platform and you may have to then provide express consent on a
      case-by-case basis for the use or disclosure of certain of your Personal Information, if such
      use or disclosure is necessary to enable you to utilize some or all of our Services and
      Platform.
   8. Right to File Complaint: You have the right to lodge a complaint about our practices with
      respect to your Personal Information with the supervisory authority of your country or EU Member
      State. Please go to
      https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm to
      locate your Data Protection Authority.
   9. Response. We will respond to your inquiry within thirty (30) days of the receipt. 

This Section supplements the information contained in our Privacy Policy above and applies solely to all
visitors, users, and others to our Website, App, or Platform, who reside in Canada (“consumers” or “you”).
We ensure with the Personal Information Protection and Electronics Document Act of 2000 (“PIPEDA”) and any
terms defined in the PIPEDA have the same meaning when used in this Section. 

1. Definition of Personal Information.  Any information about an identifiable individual. Whatever may be
   the physical form or characteristics of a particular regime for “business contact information” (name,
   position, title, address, professional phone number, etc.) 


2. Right to Access Personal Information.  You can request to access your personal information we hold about
   you. We will first confirm whether you have requested such information, explain how we have used your
   information, provide a list of names with whom your information has been shared and provide a copy of
   your information in an accessible format and make alternative formats available if requested. 



3. Right to Correction/Limited Right to Deletion.  You can request us to correct or delete your information
   IF you demonstrate that the personal information we hold on you is inaccurate. We will delete or correct
   your information within thirty (30) calendar days. When we delete/correct your personal information we
   will inform the third parties with whom we have shared your information. 


4. Right to be Forgotten.  Your information will be kept with us for as long as it is required for the
   fulfillment of the purposes of Vurse platform. Unless we otherwise give you notice, we will retain your
   Information on the Vurse Platform on your behalf until such times as you or we terminate your User
   Account.


5. Data Breach Notification.  We will send a notification to you as soon as feasible regarding the
   information of any breach that creates a “real risk of significant harm” to you. We keep a record of
   every data breach and, on request, provide the Office of the Privacy Commissioner with access to the
   record. 


6. Canadian Privacy Officer.  We have appointed a Canadian Privacy and Data Protection Officer, [Name]
   [Email ID], to make sure the privacy rights of our Canadian users are protected in compliance with
   PIPEDA.  


7. Two Factor Authentication. You may enable two-factor authentication on your account to help ensure that
   only you can access your account. If you do, in addition to entering your password to log in to your
   account to access the Vurse Platform, we will send a code to your mobile number, which you will need to
   enter. This added security prevents anyone else from accessing your Vurse account unless they have
   access to your login information.


8. Contact Information. You may contact us (i) at [Email ID], or (ii) by writing to us at Privacy Officer,
   at 1002 Arenco Tower, Dubai, UAE to (i) make a Personal Information Request, (ii) correct or delete your
   personal information, (iii) discuss our Privacy Policy and/or anything that has to do with it. We will
   respond within thirty (30) calendar days of receiving such a request or query. Additionally, in order
   for us to respond to your request or query, we will need to collect information from the requesting
   party to verify their identity.

Vurse does not sell, trade, or otherwise transfer to outside third parties your “Personal Information” as
the term is defined under the California Civil Code Section § 1798.82(h). Additionally, California Civil
Code Section § 1798.83 permits Users of our Website, App, or Platform that are California residents to
request certain information regarding our disclosure of their Personal Information to third parties for
their direct marketing purposes. To make a request for such disclosure, or identification and/or deletion of
Personal Information in all our systems that we store on you, please send an email to privacy@vurse.com or
write us at Vurse, 1002 Arenco Tower, Dubai, UAE.

Note that (i) if we delete your Personal Information as requested, we will no longer be able to provide our
services to you and (ii) we may need to keep such Personal Information for a while during the shutting down
and billing process. If you would like to discuss our Personal Information storage and processing process
with us, please send us an email at privacy@vurse.com or write us at Vurse, 1002 Arenco Tower, Dubai, UAE.

The Children’s Online Privacy Protection Act (“COPPA”) is a federal legislation that applies to entities
that collect and store “Personal Information,” as the term is defined under COPPA, from children under the
age of 13. We are committed to ensure compliance with COPPA. Our Website, App, and Platform are not meant
for use by children under the age of 13. Our Website, App, and Platform do not target children under the age
of 13, but we do not age-screen or otherwise prevent the collection, use, and personal disclosure of persons
identified as under 13. If you would like to know more about our practices and specifically our practices in
relation to COPPA compliance, please email us at privacy@vurse.com.

IF YOU ARE UNDER 13, PLEASE DO NOT ACCESS OR USE OUR WEBSITE, APP, OR PLATFORM.

The CAN-SPAM Act establishes requirements for commercial messages, gives recipients the right to have
businesses stop emailing them, and spells out penalties for violations. Per the CAN-SPAM Act, we will:

1. not use false or misleading subjects or email addresses;
2. identify the email message as an advertisement in some reasonable way;
3. include the physical address of Vurse, which is 1002 Arenco Tower, Dubai, UAE;
4. monitor third-party email marketing services for compliance, if one is used;
5. honor opt-out/unsubscribe requests quickly; and
6. give an “opt-out” or “unsubscribe” option.

If you wish to opt out of email marketing, follow the instructions at the bottom of each email or contact us
at privacy@vurse.com and we will promptly remove you from all future marketing correspondences.

Vurse reserves the right, at its sole discretion, to change or modify this Privacy Policy at any time. In
the event we modify this Privacy Policy, such modifications shall be binding on you only upon your
acceptance of the modified Privacy Policy. We will inform you about the modifications on our Privacy Policy
page via email, on our Website, App, or Platform by posting a modified version of the Privacy Policy page,
or by a comparable means within a reasonable time period. Your continued use of our Website, App, or
Platform shall constitute your consent to such changes.

Vurse uses the following third-party service providers for the provision of services as detailed under the
Terms of Use or Terms of Service, as applicable

Additionally, if you have any questions or concerns about our third-party service providers, please email
us at privacy@vurse.com.

If you believe that any content on our Website, App, or Platform violates your copyright, and you wish to
have the allegedly infringing material removed, the following information in the form of a written
notification (pursuant to the Digital Millennium Copyright Act of 1998 (“DMCA Takedown Notice”)) must be
provided to our designated Copyright Agent.

1. Your physical or electronic signature;
2. Identification of the copyrighted work(s) that you claim to have been infringed;
3. Identification of the material on our Website, App, or Platform that you claim is infringing and that
   you request us to remove;
4. Sufficient information to permit us to locate such material;
5. Your address, telephone number, and email address;
6. A statement that you have a good faith belief that use of the objectionable material is not authorized
   by the copyright owner, its agent, or under the law; and
7. A statement that the information in the notification is accurate, and under penalty of perjury, that you
   are either the owner of the copyright that has allegedly been infringed or that you are
   authorized to act on behalf of the copyright owner.

Vurse’s Copyright Agent to receive DMCA Takedown Notices is [CONTACT PERSON], at privacy@vurse.com and at
Vurse, Attn: DMCA Notice, 1002 Arenco Tower, Dubai, UAE. You acknowledge that for us to be authorized to
take down any content, your DMCA Takedown Notice must comply with all the requirements of this Section.
Please note that, pursuant to 17 U.S.C. § 512(f), any misrepresentation of material fact (falsities) in a
written notification automatically subjects the complaining party to liability for any damages, costs and
attorney’s fees incurred by Vurse in connection with the written notification and allegation of copyright
infringement.

To ask questions or comment about this Privacy Policy and our privacy practices, contact us at:

• Privacy Officer
• Email: [EMAIL ADDRESS]
• Address: Vurse, 1002 Arenco Tower, Dubai, UAE

PLEASE NOTE: IF YOU USE OUR WEBSITE, APP, OR PLATFORM, YOU HAVE AGREED TO
AND ACCEPTED THE PRACTICES DESCRIBED IN THIS PRIVACY POLICY AND THE TERMS
AND CONDITIONS SET FORTH IN OUR TERMS OF USE OR OUR TERMS OF SERVICE, AS
APPLICABLE. IF YOU DO NOT AGREE WITH THE TERMS OF THIS PRIVACY POLICY OR OUR
TERMS OF SERVICE, PLEASE DO NOT USE OUR WEBSITE, APP, OR PLATFORM.