Privacy Policy 2 — Sustainity

Privacy policy.

1. Name and Address of the Controller

The Controller, within the meaning of the General Data Protection Regulation and other applicable data protection laws in the member states of the European Union and other provisions with data protection character, is the law firm:

Name: Sustainity

Address: 22 Sungkhomsongkrao 18 Ladphrao 71 Bangkok 10230

Email: info@sustainity.com

Website: www.kb-greenlogix.com

2. Collection and Storage of Personal Data and the Type and Purpose of their Use

a) When Visiting the Website

When you visit our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automatic deletion:

- IP address of the requesting computer,

- Date and time of access,

- Name and URL of the retrieved file,

- Website from which access is made (referrer URL),

- The browser used and, if applicable, the operating system of your computer, as well as the name of your access provider.

These data are processed for the following purposes:

- Ensuring a smooth connection setup of the website,

- Ensuring comfortable use of our website,

- Evaluation of system security and stability, and

- For other administrative purposes.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person.

b) Callback Service

Our website offers the service of requesting a callback. If this function is used, the data entered in the input mask will be transmitted to us and stored. These data are:

- The user's IP address,

- Date and time of registration,

- Salutation,

- First and last name and/or company name,

- Contact details such as email and phone number,

- Desired callback times,

- Message from the user.

The data processing is carried out in accordance with the legal conditions for processing the request. The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR if the user has given their consent.

The processing of the personal data from the input mask serves us to process and execute the desired callback. The other personal data processed during the sending process are intended to prevent misuse of the contact form and to ensure the security of our information technology systems. There is no transfer of the data to third parties. The data will be deleted as soon as they are no longer necessary for achieving the purpose of their collection. For personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been finally clarified.

c) When Using Our Contact Form

Our websites have a button for online mandate intake, which can be used for electronic contact. If the affected person uses this online service from RA-MICRO Software AG, Washingtonplatz 3, 10557 Berlin, the personal data transmitted by the affected person will be automatically stored and briefly transmitted to the RA-MICRO servers. The storage is solely for the purpose of processing or contacting the affected person. No transfer of the data to other third parties takes place. The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR if the user has given their consent.

For questions of any kind, we offer you the opportunity to contact us via a form provided on the website. A valid email address is required so that we know who the inquiry is from and to answer it. Further information can be provided voluntarily.

The data processing for the purpose of contacting us is based on your voluntarily given consent under Art. 6 para. 1 sentence 1 lit. a GDPR.

The personal data collected by us for the use of the contact form will be automatically deleted after the completion of your request.

3. Transfer of Data

Your personal data will not be transferred to third parties for purposes other than those listed below. We will only share your personal data with third parties if:

- You have given your express consent according to Art. 6 para. 1 sentence 1 lit. a GDPR,

- The transfer is necessary for the assertion, exercise, or defense of legal claims according to Art. 6 para. 1 sentence 1 lit. f GDPR, and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,

- There is a legal obligation for the transfer according to Art. 6 para. 1 sentence 1 lit. c GDPR,

- It is legally permissible and necessary for the processing of contractual relationships with you according to Art. 6 para. 1 sentence 1 lit. b GDPR.

4. Cookies

We use cookies on our site. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not harm your device, do not contain viruses, trojans, or other malware. Information is stored in the cookie that results in connection with the specific device used. This does not mean that we immediately become aware of your identity. The use of cookies serves on the one hand to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after leaving our site. In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your device for a specific period. If you visit our site again to use our services, it will automatically recognize that you have already been with us and what inputs and settings you have made, so you do not have to enter them again.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer (see section 5). These cookies allow us to recognize automatically when you visit our site again that you have already been with us. These cookies are automatically deleted after a defined time. The data processed by cookies are necessary for the mentioned purposes to protect our legitimate interests and those of third parties according to Art. 6 para. 1 sentence 1 lit. f GDPR.

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before a new cookie is created. The complete deactivation of cookies can, however, lead to the fact that you cannot use all functions of our website.

If you allow us to use cookies through your browser settings or consent, the following cookies can be used on our websites:

- If you write a comment on our website, your name, email address, and website will be stored in cookies. This is a convenience function so that you do not have to re-enter all this data if you write another comment. These cookies are stored for one year.

- If you have a user account on this website, a temporary cookie will be set to determine if your browser accepts cookies. This cookie does not contain any personal data and will be discarded when you close your browser.

- When you log in to this website, some cookies will be set to save your login information and display options. Login cookies expire after two days, and cookies for display options after a year. If you select "Stay logged in" when logging in, your login will be maintained for two weeks. When you log out of your account, the login cookies are deleted.

- If you edit or publish an article/post, an additional cookie will be stored in your browser. This cookie contains no personal data and only refers to the post ID of the article/post you just edited. The cookie expires after one day.

If these cookies also affect personal data, we will inform you about this in the following sections. You can delete individual cookies or the entire cookie inventory via your browser settings. In addition, you will receive information and instructions on how these cookies can be deleted or their storage can be blocked in advance. Depending on the provider of your browser, you will find the necessary information under the following links:

Mozilla Firefox: [Firefox Cookie Management](https://support.mozilla.org/en-US/kb/cookies-delete-remove-and-manage-cookies)

Internet Explorer: [Internet Explorer Cookie Management](https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies)

Google Chrome: [Google Chrome Cookie Management](https://support.google.com/accounts/answer/61416?hl=en)

Opera: [Opera Cookie Management](http://www.opera.com/help)

Safari: [Safari Cookie Management](https://support.apple.com/kb/ph17191?locale=en_US)

5. Analytics Tools

We use the Google Analytics web analytics service on our website, a web analytics service of Google Inc. (https://www.google.com/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). In this context, pseudonymized usage profiles are created, and cookies (see section 4) are used. The information generated by the cookie about your use of this website such as:

- Browser type/version,

- Used operating system,

- Referrer URL (the previously visited page),

- Hostname of the accessing computer (IP address),

- Time of the server request,

are transmitted to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on website activities, and to provide further services related to website and internet usage for market research and needs-based design of these internet pages. These data may also be transferred to third parties if this is required by law or if third parties process these data on behalf. Your IP address will in no case

be merged with other data from Google. The IP addresses are anonymized so that an assignment is not possible (IP masking).

You can prevent the installation of cookies by adjusting the browser software accordingly; however, we would like to point out that in this case, you may not be able to fully use all functions of this website.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of these data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=en).

Further information on data protection in connection with Google Analytics can be found in the Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=en).

When using the Google Adwords Conversion Tracking service, a cookie is set on your device if you have reached this page via an ad on Google. This serves to analyze and statistically evaluate the use of the website. The cookie is valid for 30 days. Identification of the person does not take place, but observation of whether the user has reached the site via a Google ad.

You can prevent this usage by rejecting the setting of the corresponding cookies in your browser settings.

6. Social Media Plug-Ins

On the basis of Art. 6 para. 1 sentence 1 lit. f GDPR, plug-ins, links, and buttons to social media websites are used for the purposes of advertising and information. By embedding these elements, data is transmitted to the respective social media providers when you visit our site, possibly also to third countries. These data are stored and processed by the providers; in particular, a provider can recognize your visit to our website if you are logged in to the social media providers at the same time. Even if you share or otherwise disseminate contributions from our website in the social network (“like”), this is transmitted to the provider and stored, possibly also to your user profile. The social networks use these data for business purposes, marketing, advertising, and other purposes, in particular also for the creation and creation of profiles about you and for the provision of personalized advertising. For the purpose and scope of the data collection and further processing and use of the data by Facebook and your respective rights and settings options for protecting your privacy, please refer to the Facebook data protection information (https://www.facebook.com/about/privacy/).

7. Data Subject Rights

You have the right to:

- According to Art. 15 GDPR, request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data, if these were not collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about their details;

- According to Art. 16 GDPR, immediately request the correction of incorrect or completion of your personal data stored by us;

- According to Art. 17 GDPR, request the deletion of your personal data stored by us, unless the processing is necessary for exercising the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;

- According to Art. 18 GDPR, request the restriction of the processing of your personal data, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you reject its deletion and we no longer need the data, but you need this for the establishment, exercise or defense of legal claims, or you have objected to the processing according to Art. 21 GDPR;

- According to Art. 20 GDPR, receive your personal data that you have provided to us in a structured, common, and machine-readable format or to request the transmission to another controller;

- According to Art. 7 para. 3 GDPR, revoke your once given consent at any time towards us. As a result, we are no longer allowed to continue the data processing based on this consent for the future and

- According to Art. 77 GDPR, complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our law firm's headquarters.

According to Art. 21 GDPR, object to the processing of your personal data, provided that there are reasons for this arising from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which will be implemented by us without specifying a particular situation. You have the option to submit your objection informally by phone, email, fax, or to our postal address listed at the beginning of this privacy policy.

8. Email Communication

It is pointed out that emails sent by the law firm R & M LEGAL ADVICE AND MEDIATION are intended solely for the designated recipient. Their content is confidential and subject to the legally protected communication between clients and lawyers. Knowledge, publication, reproduction, or dissemination of the content of emails is not permitted without the consent of the authorized persons. If you find that you are not the intended recipient upon receiving the email, we ask you to contact the sender.

Email communication is generally prone to disruptions, so the transmission and timely receipt cannot be guaranteed. Therefore, sending emails to us has no deadline-preserving effect and cannot set binding deadlines. For time-critical inquiries, we advise sending via post, courier, or fax.

Email communication can also be insecure. We, therefore, recommend encrypted email communication. If you do not wish to communicate by email, please let us know.

9. Data Security

To ensure data security, the transmission of the contents of our website is encrypted using the SSL procedure according to the state of the art. To secure the data, we and the contracted service providers, with whom appropriate contractual agreements have been made, use suitable measures according to the state of the art, in particular to restrict access to the data, to protect against alterations and loss, and to ensure confidentiality according to the state of the art.

10. Status and Update of this Privacy Policy

This privacy policy is dated May 25, 2018. We reserve the right to update the privacy policy in due time to improve data protection and/or adapt it.

Disclaimer

Content Liability

The contents of the pages were created with the utmost care. However, no guarantee is given for the accuracy, completeness, and timeliness of the content. The service provider is responsible for its own content on these pages according to general laws pursuant to § 7 para.1 TMG. According to §§ 8 to 10 TMG, however, the service provider is not obliged to monitor transmitted or stored foreign information or to investigate circumstances indicating illegal activity. Obligations to remove or block the use of information according to general laws remain unaffected. However, liability in this regard is only possible from the time of knowledge of a specific infringement. Upon becoming aware of such violations, we will remove the content immediately.

Links Liability

This offer contains links to external third-party websites over whose contents we have no control. Therefore, no guarantee is assumed for these external contents. The respective provider or operator of the pages is always responsible for the contents of the linked pages. The linked pages were checked for possible legal violations at the time of linking. Illegal contents were not recognizable at the time of linking. Permanent content control of the linked pages is, however, not reasonable without concrete evidence of an infringement. Upon becoming aware of legal violations, we will remove such links immediately.

All texts, photos, and graphic designs used on this website are protected by copyright. If you wish to use parts of it, please contact the site operator. They will then, if necessary, establish contact with the copyright holder or authorized user.

Note on the Use of Imprint Information

The use of contact data published within the scope of this website's imprint such as postal addresses, telephone and fax numbers, and email addresses by third parties for sending unsolicited information is not permitted. Legal steps against the senders of so-called spam mails in violation of this prohibition are expressly reserved.