This privacy notice ('Privacy Notice') describes how Athena Security ('we' or 'us') collects, uses, shares, and retains personal information that you provide to us, or that we collect, when you use the Athena Security website located at https://www.athena.ae and other websites owned or controlled by Athena Security (the 'sites') or related mobile applications, complete related forms, or communicate with one of our customer service representatives ('personal data').

Please note that if you disagree with anything in this privacy notice, you must not use the sites or mobile applications, or provide personal information to us in connection with Athena Security's products or services.

Table of contents:

1. Collection of personal information
2. Use, sharing and retention of personal information
3. How to contact Athena Security and modify your information or preferences
4. Modifications to this privacy notice
5. Questions, concerns or complaints

1. Collection of personal information

a. Information you directly and voluntarily provide to us

Enquiry: If you provide your personal data to Athena Security to enquire about our products and service, or if you sign up to become a registered user of any website operated by Athena Security, you will be required to provide certain information as part of the registration process. This information may include your first and last name, email address, telephone number and business or home address.

Membership information is used to communicate with you, to design content and activities that we believe would be of interest to you, and to ensure that Athena Security will not violate any applicable sanctions in providing you access to Athena Security's products and services. If you wish to opt-out of receiving these communications from us, please follow the instructions contained in an applicable communication you receive from us.

Communications with Athena Security: If you communicate or correspond with us by email, through postal mail, via phone or through other forms of communication, we may collect the information you provide as part of those communications. For example, if you correspond with us through email, we may collect and store the email address you use to send the applicable correspondence and use it to respond to your enquiry; to notify you of Athena Security events, or other services; or to keep a record of your request, and similar purposes.

b. Information we automatically collect from you

We may automatically collect information about you when you use the sites or our services. For example, if you access the sites through a computer, we will automatically collect information such as your browser type and version, computer and connection information, IP address, pages you have visited and standard web log information. If you access the sites through a mobile device, we may also be able to identify the location of your mobile device. You may choose not to share your location details with us by adjusting your mobile device's location services settings. For instructions on changing the relevant settings, please contact your service provider or device manufacturer.

We may automatically collect information from you when you use the sites using 'cookies' and other similar technologies, such as web beacons. Cookies are small amounts of data that are stored within your computer's internet browser and that are accessed and recorded by the websites that you visit so that they can recognise the same browser navigating online at a later time. The cookies are not able to execute code or access other information stored on the computer. Web beacons are transparent pixel images that are used in collecting information about website usage, email response and tracking.

In addition to those mentioned above, third parties may also set cookies when you visit the site. In some cases, that is because we have hired a third party to provide services on our behalf, such as an enquiry form. Because your browser connects to those third parties, they are able to set or read their own cookies on your device and may collect information about your online activities (but not any personally identifiable data) across websites or online services.

Information that may be collected by cookies when you use the sites may include, without limitation:

• the pages you visit within the sites
• the date and time of your visit to the sites
• the amount of time you spend using the sites
• the Internet Protocol (IP) address used to connect your computer to the internet
• your computer and connection information such as your browser type and version, operating system and platform

This information is collected to enhance the site performance and end user experience. You can set your browser to reject cookies or to notify you when you are sent a cookie. To learn more about your ability to manage cookies and web beacons, please consult the privacy features in your browser.

c. Information you provide to payment processors

2. Use, sharing and retention of personal information

a. How we use your information

In general, we use the information we collect primarily to provide, maintain, protect, and improve our current products and services, and to develop new ones. This allows us to:

• Facilitate the creation of and security of your account on our network
• Identify you as a user in our services
• Improve our services, website and how we operate our business
• Understand and enhance your experience using our website, products and related services
• Respond to your comments or questions (and for our support team to provide service)
• Send you related information, including confirmations, invoices, technical notices, updates, security alerts and support and administrative messages
• Communicate with you about promotions, upcoming events and news regarding products and services offered by Athena Security
• Link or combine it with other information we get from third parties, to help us understand your needs and provide you with better service
• Protect, investigate and deter against fraudulent, unauthorised or illegal activity

b. Information for individuals located in the European Union

Legal basis for the processing of personal information from EEA residents

If you reside within the European Economic Area (EEA), our processing of your personal information will be legitimised as follows:

Whenever we require your consent for the processing of your personal information such processing will be justified pursuant to Article 6(1) lit (a) of the General Data Protection Regulation (EU) 2016/679 ('GDPR'). This article in the GDPR describes when processing can be done lawfully. If the processing of your personal data is necessary for the performance of a contract between you and Athena Security or for taking any pre-contractual steps upon your request, such processing will be based on GDPR Article 6(1) lit (b). If this data is not processed, Athena Security will not be able to execute the contract with you.

• Where the processing is necessary for us to comply with a legal obligation, we will process your information on basis of GDPR Article 6(1) lit (c), for example complying in the fields of employment law.
• And where the processing is necessary for the purposes of Athena Security's legitimate interests, such processing will be made in accordance with GDPR Article 6(1) lit (f), for example to detect fraud.
• You may also receive personalised advertising where you indicate to Athena Security specific interests by requesting information about a product or service or by indicating your marketing preferences in the Preference Centre (access to which is provided at the bottom of this page), however, you may also receive general communications regarding new launches, promotions or schemes.

Transferring personal data from the EU to the UAE

Athena Security has its headquarters in the United Arab Emirates (UAE). Information we collect from you will be processed in the United Arab Emirates. The security of your privacy and the information you give us is very important to us, but we cannot ensure or warrant the security of any information you transmit to Athena Security or guarantee that your information on the Athena Security Service may not be accessed, disclosed, altered or destroyed by breach of any of our industry standard physical, technical or managerial safeguards. When you enter sensitive information (such as log in credentials) on our order form or chat form, we encrypt that information using secure socket layer technology (SSL). Please be aware that no data transmission over the Internet can be guaranteed to be 100% secure. As a result, Athena Security cannot guarantee or warrant the security of any information you transmit on or through the sites and you do so at your own risk.

Athena Security participates in its compliance with the EU Privacy Shield Framework. Athena Security is committed to subjecting all personal information received from EU member countries to the Frameworks' applicable principles ('Principles').

European Union data subject rights

The European Union's General Data Protection Regulation and other countries' privacy laws provide certain rights for data subjects (these are persons that can be identified).

This Privacy Notice is intended to provide you with information about what personal data Athena Security collects about you and how it is used.

If you wish to confirm that Athena Security is processing your personal data, or to have access to the personal data Athena Security may have about you, or have other questions, please use the Contact Form on our website (https://www.athena.ae).

You may also request information about:

• the purpose of the processing
• the categories of personal data concerned
• who else outside Athena Security might have received the data from Athena Security
• what the source of the information was (if you did not provide it directly to Athena Security)
• where the personal data is stored and how long it will be stored

You have a right to correct (rectify) the record of your personal data maintained by Athena Security if it is inaccurate. You may request that Athena Security erase that data or cease processing it, subject to certain exceptions. You may also ask Athena Security for your personal data to be supplemented or updated, or for their transformation into anonymous format or to block any data held in violation of the law, as well as to oppose their treatment for any and all legitimate reasons. You may withdraw your consent for the processing of personal data or the further processing of personal data by Athena Security at any time.

In many countries (including EEA countries), you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how Athena Security processes your personal data. When technically feasible, Athena Security will - at your request - provide your personal data to you or transmit it directly to another controller. You have the right to receive your personal information in a structured and standard format.

In addition to the information contained in this Privacy Notice, you may be provided with additional and contextual information concerning particular services or the collection and processing of your personal data upon request.

c. Data storage and retention

Your personal data is stored by Athena Security on its servers, and on the servers of the database management services Athena Security engages, located in the United Arab Emirates. Athena Security retains data for the duration of the customer's business relationship with Athena Security and otherwise as required under applicable law. Personal data will be kept for no longer than is necessary for the purposes for which your personal data are processed. We will retain your personal data as long as you are an Athena Security customer or require our services so that we can provide these services to you.

If you are located in the European Economic Area, at the moment you come out of Athena Security association or withdraw your consent for the processing of your personal information, all your personal data received and stored will be erased if no longer needed by us. Unless we are required to retain this personal data by law or to comply with our regulatory obligations. In such a case, we will only keep this personal data for as long as necessary. For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please use the Contact Form on https://www.athena.ae.

3. How to Contact Athena Security and modify your information or preferences

Questions regarding this Privacy Notice should be asked using the Contact Form on Athena Security's website (https://www.athena.ae). If you would like to modify the types of marketing email messages you receive from Athena Security, you may do so by following the instructions within the body of any email message that you receive from us.

4. Modifications to this Privacy Notice

From time to time, Athena Security may need to update or modify this Privacy Notice, to reflect changes in our business practices, data collection practices or organisation. We reserve the right to amend this Privacy Notice at any time, for any reason, without notice to you, other than the posting of the amended Privacy Notice on the sites, or, if you have provided your email address to us, sending you an email notifying you of the amended Privacy Notice. It is strongly recommended to check the site often, referring to the date of the last modification listed at the top. We will in any case not reduce your rights under this Privacy Notice without your explicit and informed consent. If you do not agree to the changes, you should discontinue your use of the sites, and cease providing personal information to us, prior to the time the modified Privacy Notice takes effect. If you continue using the sites or provide personal information after the modified Privacy Notice takes effect, you will be bound by the modified Privacy Notice.

5. Questions, concerns or complaints

If you have any questions or concerns about this Privacy Notice, please use the Contact Form on Athena Security's website (https://www.athena.ae).

Please read these 'Terms and conditions' carefully. These are general terms and conditions of Athena Security (the 'Company') governing your access and use of the 'website'. If you do not agree with them, please do not use the website. By continuing to use the website, contents and / or any of the services shown on the site, you agree to be bound by these terms and conditions.

Acceptance

You undertake that your use of the website (which includes all contents on the screen, web links, emails and other services and information, along with the subsequent changes in due course ['content']) means you fully agree to the terms and conditions. Your eligibility to the products and services offered on the website is subject to Athena Security' determination and acceptance. You also undertake that your use of the website shall not:

• Violate the respective applicable laws
• Harm the public image of the website and will only be used for all defined, permitted and productive means
• Represent any fraudulent business activity; and that your use of the website and any consequential business decision will be at your own risk

Copyright © Athena Security. All Rights Reserved.

Copyright in the pages and in the screens displaying the pages, along with the information and material therein and in their arrangement, is owned by Athena Security unless otherwise indicated. Re-use of any content is strictly prohibited unless otherwise stated.

Trademarks

Athena Security, its subsidiaries, affiliates, contractors and / or participating corporations, are the owners of the trade and service marks appearing on this website and all rights are reserved in respect of such trade and service marks.

No warranty

The Company does not warrant the accuracy, correctness, completeness and acceptance of the content and / or any other information and / or materials available on the site. No warranties of any kind are given, whether express, implied or by laws, including but not limited to the warranties of non-infringement of third party rights, security, fitness, quality, compatibility, accuracy and safety.

Limitation of liability

Under no circumstance will Athena Security be liable for any features, functions (programming errors, other errors, linking, rectification of the errors, updates, omissions), and safety mechanisms built into the website (including loss / damage of any personal data / information, or any loss whether foreseen, foreseeable, known or otherwise). Athena Security and / or any of its affiliates will not be liable for any consequential, incidental damage, whether direct or indirect, arising out of the use of the website.

Contents of the website have not been investigated or verified and are not continuously monitored. The Company reserves all rights to disclose information as it deems necessary to satisfy any applicable law, or refuse to disclose, edit, or to remove any content or information or materials, in whole or in part, at its sole discretion.

Submission

All information submitted to Athena Security via this site shall be deemed (and remain) the property of Athena Security, which shall be free to use, for any purpose, any ideas, concepts, know-how or techniques contained in information, a visitor to this site provides Athena Security through this site. Athena Security shall not be subject to any obligations of confidentiality or privacy regarding information submitted, except as agreed by Athena Security or as otherwise specifically agreed or required by law.

Variations

These terms and conditions are subject to change at any time without notice and even after any such change, will not alter the obligation of the user.

Governing laws and jurisdiction

Your use of the Company website, its content, services and / or any information / material posted or available on this website, shall be governed by the law of the United Arab Emirates and you agree to submit to the exclusive jurisdiction of the courts of the United Arab Emirates.

Disclaimer

No representation or warranty of any kind whatsoever is given, express or implied, for the accuracy, correctness, completeness, fitness to the purpose or non-infringement of any content or any other information or material posted or available on the website. Any tangible or intangible harm / damage or any consequential or incidental damage thereof of any kind to the user, by accessing the website and / or any breach of the undertaking, is entirely at the user's own risk.

• Operations realized in accordance with laws and regulations of International Trade, Anti-Money Laundering, Combating Financial Terrorism, Anti-Corruption.
• Commitment to respecting responsible and ethical gold in accordance with LBMA Responsible Gold Guidance, and OECD Due Diligence Guidance for Responsible Supply Chains of Minerals.
• Systematic Due Diligence of our Clients and Business Partners.