AGORA DIGITAL TECHNOLOGIES INC.

MEDHYVE DATA PRIVACY POLICY

AGORA DIGITAL TECHNOLOGIES INC. (hereafter the ‘Company’) respects and values the privacy of its data subjects and employs reasonable measures to protect their Personal Data in accordance with all applicable laws, regulations, or requirements of any applicable country regarding the collection and processing of Personal Data (collectively, the “Privacy Laws”). This Privacy Policy is intended to inform website visitors regarding the Company’s policies with respect to the collection, use, and disclosure of Personal Data in relation to processing activities that may be performed through this website.

“Personal Data,” as used in this Data Privacy Policy, refers to all types of personal information including:

1. SERVICE DESCRIPTION

The Company primarily links customers to suppliers of medical products and equipment they may need and provides a platform where these parties can communicate and interact, thus it relies on Personal Data obtained from not only customers, but other parties it regularly deals with such as its vendors or suppliers, service providers. Only through collecting and processing the necessary Personal Data is the Company able to provide its services and enable the supply of medical products to end users utilizing its platform.

2. PERSONAL DATA COLLECTED AND PROCESSED

The Company may, depending on the transaction or business with it, collect the following categories of Personal Data:

Merchant and Purchaser

3. METHODS OF COLLECTION

The Company collects Personal Data voluntarily disclosed to it when data subjects submit documents, when Personal Data is acquired by the Company with the authorization of the data subjects, andwhen data subjects access any of the Company’s services. The Company also collects Personal Data from publicly available information, through trusted third parties, or through technology such as “cookies.”.

Data subjects may inform the Company of the specific Personal Data that they do not want to be processed beyond the requested purpose. The Company will respect the request of data subjects in so far as it is feasible to fulfill the purposes for which the Personal Data was collected.

Where data subjects have provided the Company with the Personal Data of individuals other than themselves, they warrant that they have obtained the necessary consent of these individuals for the disclosure, in accordance with the Privacy Laws.

4. METHODS OF PROCESSING

Personal Data may be processed both by way of computer media and on paper, in compliance with the rules on personal information protection, including those relating to data security.

5. PURPOSESPersonal Data, depending on the transaction or business with the Company, shall be processed for the following purposes:

  1. To fulfill the Company’s obligations, and enforce the Company’s rights, under its contracts with its customers, including but not limited to delivery of requested products and/or services

  2. To communicate with customers, through any available means, regarding matters related to customer experience and other legitimate matters, including:

    1. customer feedback and perspectives, and possible participation in market research activities

    2. resolution of complaints

    3. requests for assistance regarding technical and other product or service issues

    4. customer demographics and preferences

    5. improvement of sales and marketing activities, and overall customer satisfaction

  3. To perform data analytics on the website's activities

  4. To prepare statistical analysis and technical reports

  5. To solve website errors and possible problems

  6. To fulfill legitimate business purposes

  7. To comply with obligations under law

  8. To establish, exercise, or defend legal claims

  9. To fulfill any other purposes directly related to the above-stated purposes

The Company will not process the Personal Data of users in ways incompatible with the above-stated purposes.

6. PERSONAL INFORMATION CONTROLLER

The Company is the Personal Information Controller of any Personal Data disclosed by data subjects as it determines the purposes for which the Personal Data is being collected and processed.

7. TRANSFERS AND DISCLOSURES

Personal Data may be disclosed to the Company’s partners and third parties for the following purposes:

  1. To fulfill its obligations and facilitate orders;

  2. To settle possible disputes;

  3. To respond to law enforcement authority or other government regulatory bodies’ requests

  4. To process and administer technical and sales support;

  5. To answer and resolve inquiries, concerns or complaints

  6. To conduct audits, including operational, risk, compliance, financial, and anti-fraud and corruption audits, and/or investigate a complaint or security threat

  7. To comply with the Company’s business and management responsibilities and policies, which are necessary for the organizational functioning of the Company

  8. To comply with statutory requirements

  9. To establish, exercise, or defend legal claims

  10. Fulfill any other purposes directly related to the above-stated purposes

When the processing of Personal Data is outsourced by the Company to a third party, the processing will be subject to written agreements between it and the third party processing the Personal Data. These written agreements specify the rights and obligations of each party, and will provide that the third party has adequate security measures in place and that it will only process the Personal Data on the specific written instructions of the Company.

The Company may also transfer Personal Data to third parties as required by law or legal instrument to protect the Company’s rights or assets, to facilitate acquisition or disposition of the Company’s businesses, and in emergencies where the health or safety of a person is endangered.

The Company will not sell, rent, share, trade, or disclose any of the Personal Data it obtained to any other party without the prior written consent of the data subjects, with the exception of any third-party service providers which the Company has engaged, whose services necessarily require the processing of Personal Data.

The following are the third parties to whom Personal Data may be disclosed:

  1. Regulatory bodies/agencies, law enforcement authorities, and other legal bodies

  2. Service providers

  3. Suppliers

  4. Stockholders and business partners

  5. Potential investors or target companies in the context of an M&A deal

8. DATA RETENTION

Personal Data will be retained or stored for as long as the purposes for which they are being processed have not been satisfied. The Company will retain and use the Personal Data as necessary to comply with its legal obligations, resolve disputes, and enforce its agreements, after which the Personal Data shall be deleted or anonymized.

9. DATA PROTECTION MEASURES

The Company has put in place physical, electronic, and organizational measures designed to help prevent unauthorized access, to maintain data security, and to correctly use the Personal Data collected. These safeguards vary based on the sensitivity of the Personal Data collected and stored.

10. ACCESS

Subject access requests may be made by emailing the Data Protection Officer through the contact information below. The Company may take reasonable steps to confirm the requester’s identity as a data subject before granting access to the Personal Data and allowing updates thereto.

11. DATA SUBJECT RIGHTS

Data subjects have the following rights under the Privacy Laws, which may be exercised at their discretion:

A. The right to access Personal Data

It is possible for individuals to request access to any of their Personal Data held by the Company, subject to certain restrictions. A request for disclosure of such information is called a subject access request. Any such requests should be addressed to the Data Protection Officer.

B. The right to make corrections to Personal Data

Privacy Laws require the Company to take reasonable steps to ensure that any Personal Data it processes is accurate and up-to-date. It is the responsibility of data subjects to inform the Company of any changes to the Personal Data that they have supplied to the Company during the course of their engagement.

C. The right to object to the processing of Personal Data

Data subjects have the right to object to the processing of his/her Personal Data, including processing for direct marketing, automated processing or profiling. Data subjects shall also be notified and be given an opportunity to withhold consent to the processing in case of changes or any amendment to the information supplied or declared to the data subjects in this Data Privacy Policy. Please note that some of the Personal Data provided to the Company is necessary for it to comply with statutory and regulatory requirements, as well as with the Company’s administrative policies, and is thus mandatorily required to be collected and processed. Withholding of consent to the processing of certain personal information may prevent the Company from fulfilling certain obligations it may have to the data subjects, as well as preventing the data subject from availing certain services from the Company.

D. The right to erasure or blocking of Personal Data

Data subjects have the right to suspend, withdraw or order the blocking, removal or destruction of their Personal Data from the filing system of the Company.

E. The right to be informed of the existence of processing of Personal Data

Data subjects have the right to be informed whether Personal Data pertaining to them shall be, is being, or have been processed, including the existence of automated decision-making and profiling.

F. The right to damages

Upon presentation of a valid decision, the Company recognizes the right of data subjects to be indemnified for any damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of Personal Data, taking into account any violation of the rights and freedoms as a data subject.

G. The right to lodge a complaint before the applicable regulatory agencies

12. CHANGES TO THIS STATEMENT

This Data Privacy Policy may be updated from time to time. The data subjects will be notified whenever there are any updates that will significantly affect their rights.

13. CONCERNS AND QUESTIONS

In case of complaints, concerns, or questions regarding the processing of Personal Data, or if data subjects wish to exercise their data subject rights, it may be addressed to:

DATA PROTECTION OFFICER

AGORA DIGITAL TECHNOLOGIES INC.

41 Dancalan St. Damar Village. Quezon City

+639773920396 (PH) +65 6100 0204

gabriel@medhyve.com