1. TYPES OF DATA WE COLLECT

1.1. “Personal Data” means data that allows someone to identify you individually, as well as any other non-public information about you that is associated with or linked to any of the foregoing.

1.2. The data that you may provide us is as follows:

1.2.1. When you use our Lysto Platform or contact us, we may collect Personal Data from you, such as:

1. name, including first and last name, user name;
2. mobile number(s);
3. email address;
4. city you reside in;
5. date of birth
6. gender,
7. device used by you,
8. number of hours of gaming by you;
9. genre and names of games, including RGM games that have been Playtested by you,
10. the feedback and Playtest video submitted by you after Playtesting; and
11. any other information you provide when you use our Lysto Platform; viz., if you provide us with feedback or contact us, we will collect your name and contact information, as well as any other content included in the message.

1.2.2. We may also collect Personal Data at other points where you voluntarily provide it or where we state that Personal Data is being collected, such as:

1. INFORMATION COLLECTED VIA TECHNOLOGY. As you navigate through and interact with our Lysto Platform, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
   1. Information collected by our servers: to provide our Services and make it more useful to you, we (or a third party service provider authorized by us) collect information from you, including, but not limited to, your browser type, operating system, internet protocol address, mobile device ID, and date/time stamps;
   2. Log files: we gather certain information automatically and store it in log files. This information includes internet protocol address, browser type, identity of the internet service provider (“ISP”), referring/exit pages, operating system, date/time stamps, and clickstream data. We use this information to analyse trends, administer the Service, track a User’s movements around the Lysto Platform, and better tailor our Services to our Users’ needs. For example, some of the information may be collected so that when you visit the Website, it will recognize you and the information can be used to personalize your experience;
   3. Cookies: we use cookies to collect information in order to analyse how Users/Members interact with our Lysto Platform, make improvements to our product quality, and provide Users with a tailormade experience. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer until you delete them);
   4. Web beacons: web beacons allow us to analyse how Users/Members find our Service. This aids us in making the Lysto Platform more useful to you and to tailor your experience with us in order to meet your particular interests and needs;
   5. Do not track signals: Our systems do not currently recognize “do not track” signals or other mechanisms that might enable Users/Members to opt out of tracking on our site;
   6. Analytics services: In addition to the tracking technologies we place, like cookies and web beacons, other companies may set their own cookies or similar tools when you visit our Lysto Platform. This includes third-party analytics services (“Analytics Services”) that we engage to help analyse how Users/Members use the Lysto Platform. The information generated by the cookies or other technologies about your use of our Lysto Platform (“Analytics Information”) is transmitted to the Analytics Services. The Analytics Services use Analytics Information to compile reports on User/Member activity, which we may receive on an individual or aggregate basis. We use the information we get from Analytics Services to improve our Services. The Analytics Services may also transfer information to third parties where required to do so by law, or where such third parties process Analytics Information on their behalf. Each Analytics Services’ ability to use and share Analytics Information is restricted by such Analytics Services’ terms of use and privacy policy. By using our Lysto Platform, you expressly consent to the processing of data about you by Analytics Services in the manner and for the foregoing purposes; and
   7. Information Collected from Third-Party Companies. We may receive Personal Data about you from companies that offer their products and/or services for use in conjunction with our Services or whose products and/or services may be linked from our Website. We may add this to the data we have already collected from or about you through our Lysto Platform.

2. USE OF YOUR PERSONAL DATA

2.1. We process your Personal Data to run our business, provide the Service, personalize your experience on the Lysto Platform, and improve the Service. Specifically, we use your Personal Data to:

2.1.1. facilitate the creation and securing of your account as a Member;

2.1.2. identify you as a User or a Member on our Website;

2.1.3. improve the administration of our Services and quality of experience when you interact with the Lysto Platform, including, but not limited to, analysing how you and other Users and Members find each other and interact with the Lysto Platform;

2.1.4. provide customer support and respond to your requests, complaints and inquiries;

2.1.5. investigate and address conduct that may violate our Terms of Use;

2.1.6. detect, prevent, and address fraud, violations of our terms or policies, and/or other harmful or unlawful activity;

2.1.7. send you administrative notifications, such as security, support, and maintenance advisories;

2.1.8. send you notifications related to actions on the Lysto Platform, including notifications of offers;

2.1.9. send you newsletters, promotional materials, and other notices related to our Lysto Platform or third parties' goods and services;

2.1.10. respond to your inquiries related to any opportunities or other requests;

2.1.11. comply with applicable laws, cooperate with investigations by law enforcement or other authorities of suspected violations of law, and/or to pursue or defend against legal threats and/or claims; and

2.1.12. act in any other way we may describe when you provide Personal Data.

2.2. We may create anonymous or de-identified data records from Personal Data. We use this anonymous or de-identified data to analyse request and usage patterns so that we may improve our Services and enhance Service navigation.

2.3. We reserve the right to use anonymous or de-identified data for any lawful purpose including without limitation, enrichment of such data and to disclose such data to third parties without restriction.

3. DISCLOSURE OF YOUR PERSONAL DATA.

3.1. We disclose your Personal Data as described below and as described elsewhere in this Policy:

3.1.1. Third Party Service Providers. We may share your Personal Data with third party service providers to: (a) provide technical infrastructure services; (b) conduct quality assurance testing; (c) analyse how our Lysto Platform is used; (d) prevent, detect, and respond to unauthorized activities; provide technical and customer support; and/or (e) to provide other support to us in connection with the Services.

3.1.2. Affiliates. We may share some or all of your Personal Data with our holding company, subsidiaries, joint ventures, or other companies under our common control (“Affiliates”), in which case we will require our Affiliates to honour this, Policy.

3.1.3. Corporate Restructuring. We may share some or all of your Personal Data in connection with or during negotiation of any merger, financing, acquisition, or dissolution transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets. In the event of an insolvency, bankruptcy, or receivership, Personal Data may also be transferred as a business asset. If another company acquires our company, business, or assets, that company will possess the Personal Data collected by us and will assume the rights and obligations regarding your Personal Data as described in this Policy.

3.1.4. Legal Rights. Regardless of any choices you make regarding your Personal Data (as described in Section 5 below), Lysto may disclose Personal Data if it believes in good faith that such disclosure is necessary: (a) in connection with any legal investigation; (b) to comply with relevant laws or to respond to subpoenas, warrants, or other legal process served on Lysto; (c) to protect or defend the rights or property of Lysto or Users or Members of the Lysto Platform; and/or (d) to investigate or assist in preventing any violation or potential violation of the law, this Policy, or our Terms of Use.

3.1.5. Other Disclosures. We may also disclose your Personal Data: (a) to fulfil the purpose for which you provide it; (b) for any other purpose disclosed by us when you provide it; or (b) with your prior consent.

4. THIRD-PARTY WEBSITES

Our Lysto Platform may contain links to third-party websites. When you click on any such link to another website or location, you will leave our Lysto Platform and go to another site, and another entity may collect Personal Data and other data from you. We have no control over, do not review, and cannot be responsible for these third-party websites or their content. Please be aware that the terms of this Policy do not apply to these third-party websites or their content, or to any collection of your Personal Data after you click on links to such third-party websites. We encourage you to read the privacy policies of every website you visit. Any links to third-party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content, or websites.

5. YOUR RIGHTS

5.1. You have several choices regarding the use of information on our Lysto Platform:

5.1.1.Communication. We may periodically send you newsletters, targeted advertisements, emails and/or messages to your discord id or e-mail address (collectively, “Communication”), that directly promotes the use of our Lysto Platform or third parties’ goods and services. When you receive such Communication, you may indicate a preference to stop receiving the same by following the unsubscribe instructions provided in the Communication you receive or through the Notifications preferences in your settings page. Despite these preferences, we may send you service-related informational Communication which would require your attention.

5.1.2. If you decide at any time that you no longer wish to accept Cookies or other web beacons from our Lysto Platform for any of the purposes described above, then you can instruct your browser, by changing its settings, to stop accepting Cookies or to prompt you before accepting a Cookie from the websites you visit. Consult your browser’s technical information. If you do not accept Cookies, however, you may not be able to use all portions of the Lysto Platform or all the functionalities of the Lysto Platform.

6. DATA ACCESS & CONTROL

6.1. You can view, access, edit, or delete your Personal Data for certain aspects of the Lysto Platform via your settings page. All capitalised words used under this section shall have the definition as provided under the applicable law. You may also have certain additional rights:

6.1.1. If you are a User/Member in the European Economic Area (“EEA”) or United Kingdom (“UK”), you have certain rights under the respective European and UK General Data Protection Regulations (“EU GDPR” and “UK GDPR” respectively). These include the right to:

1. request access and obtain a copy of your Personal Data;
2. be informed about the manner in which any of your Personal Data is collected or used which we have endeavoured to do by way of this Policy;
3. not be subject to a decision based solely on automated decision making, including profiling
4. request rectification or erasure;
5. object to or restrict the processing of your Personal Data; and
6. request portability of your Personal Data.
7. Additionally, if we have collected and processed your Personal Data with your consent, you have the right to withdraw your consent at any time.

6.1.2. If you are a User/Member in various states of the US, including without limitation, California, Colorado, Connecticut, Delaware, Iowa, Massachusetts, Montana, Nebraska, Nevada, New Hampshire, New York, Texas, Utah and Virginia, you have certain rights under federal and respective state consumer privacy protection legislations. These include the right to: :

1. request access to, details regarding, and a copy of the Personal Data we have collected about you and/or shared with third parties in a structured, commonly used, and machine-readable format;
2. request corrections to any inaccurate or incomplete Personal Data we maintain about you;
3. request deletion of the Personal Data that we have collected about you;
4. opt-out of sale or sharing of your Personal Data for targeted advertising or marketing purposes. We do not “sell” your personal information, including the Personal Data;
5. not to be discriminated against for exercising any of your privacy rights under applicable laws; and
6. appeal the decision, If you believe our response to your privacy request is inadequate.

If you wish to exercise your rights under the GDPR, other relevant consumer privacy laws enacted in the USA, or other applicable data protection or privacy laws in other jurisdictions, please contact us at the address provided in Section 13 below, specify your request, and reference the applicable law. We may ask you to verify your identity or ask for more information about your request. We will consider and act upon any such request in accordance with applicable law. We will not discriminate against you for exercising any of these rights.

7. DATA RETENTION

We may retain your Personal Data as long as you continue to use the Lysto Platform, have an Account with us, or for as long as is necessary to fulfill the purposes outlined in this Policy, unless you request modification or erasure of your Personal Data as per Section 6 of this Policy. We may continue to retain your Personal Data even after you deactivate your Account and/or cease to use the Lysto Platform if such retention is reasonably necessary to comply with our legal obligations, to resolve disputes, prevent fraud and abuse, enforce our Terms of Use or other agreements, and/or protect our legitimate interests. Where your Personal Data is no longer required for these purposes, we will delete it.

8. SECURITY

8.1. We prioritize the security of your Personal Data and implement industry-standard technical, organizational, and administrative measures to protect it from unauthorized access, use, loss, destruction, or disclosure. Our security framework includes a variety of technologies and procedures, such as PBKDF2, AES256, TLS1.2, and SHA256 encryption, particularly for sensitive data like credit card details and geo-location information.

8.2. We have implemented appropriate security measures across all our digital platforms, including internal applications. However, no security system is entirely impenetrable, and we cannot guarantee absolute protection against security breaches. We shall not be responsible for any unauthorized access or disclosure of Personal Data due to reasons beyond our reasonable control, including hacking, social engineering, cyber terrorism, espionage, or force majeure events such as sabotage, fire, flood, explosion, acts of God, civil unrest, strikes, riots, war, or governmental actions.

8.3. In the event of a security breach affecting Personal Data under our custody and control, we will take immediate steps to investigate, mitigate, and remediate the situation. Where required by applicable laws, we will notify affected individuals and relevant authorities in accordance with regulatory obligations.

9. MINORS

Our Terms of Use require all Users and Members to be at least 18 (eighteen) years old. Users and Members who are under eighteen (18) years old may use a parent or guardian’s Account, but only with the involvement of the Account holder. If a User or Member under 18 (eighteen) years of age submits Personal Data to Lysto (without the supervision of a parent or guardian) and we learn that the Personal Data is the information of a User under 18 (eighteen) years of age, we will endeavour delete the information as soon as possible. If you believe that we might have any Personal Data from a User or Member under 18 (eighteen) years of age, please contact us by using the address indicated in Section 13 below.

If you are a User/Member from USA, you have to be at least 13 (thirteen) years old. The same terms as mentioned above shall apply to any person below the age of 13 (thirteen).

10. TRANSFER OF PERSONAL DATA OUTSIDE SINGAPORE

We generally do not transfer your Personal Data to countries outside of Singapore. However, if we do so, we will obtain your consent for the transfer to be made and we will take steps to ensure that your Personal Data continues to receive a standard of protection that is at least comparable to that provided under the Personal Data Protection Act, 2012.

11. TRANSFER OF PERSONAL DATA OUTSIDE EEA AND UK.

11.1. In providing Services to you, you understand that we may transfer your Personal Data to different locations around the world. For Users/Members resident in the EEA or UK, where your Personal Data is transferred from the EEA or UK to a recipient outside the EEA or UK to a third country not recognized as providing an adequate level of protection for personal data, such transfer shall be covered by a framework recognized by the relevant authorities or courts as providing an adequate level of protection for personal data, including, but not limited to, Module 2 (C2P) of Standard Contractual Clauses (“SCCs”) or the UK Addendum to the SCCs (“UK Addendum”) , the terms of which shall be incorporated by reference.

12. CHANGES TO THIS POLICY

12.1. This Policy may be updated from time to time for any reason. We will notify you of any changes to our Policy by posting the new Policy at https://lysto.gg/policies/privacy. The date the Policy was last revised is identified at the end of this Policy. You are responsible for periodically visiting our Lysto Platform and this Policy to check for any changes.

13. DATA PROTECTION OFFICER.

13.1. If you have any questions or concerns or complaints about our Policy or our data collection or processing practices, or if you want to report any security violations to us, please get in touch with our data protection officer as per the contact information set out below.

NAME: Sadiq Ahamed ADDRESS: 20, Bendemeer Road, #03-12 BS Bendemeer Centre, Singapore -- 339 914 EMAIL: info@lysto.io

13.2. If you need to contact statutory authorities in your jurisdiction, in relation to the subject matter hereof, please refer to the following:

13.2.1. In the European Economic Area: contact details of EU data protection authorities can be found athttps://www.edpb.europa.eu/about-edpb/about-edpb/members_en

13.2.2. In the United Kingdom, you can contact the Information Commissioner's Office at https://ico.org.uk/.

13.2.3. In the United States, you can contact the Attorney General’s Office of the State you reside in.