DATA USAGE MANAGER - PRIVACY POLICY

]Last Updated: August 5, 2025[

INTRODUCTION

This privacy policy ("Privacy Policy") governs the data collection practices used by Flavr Technology LP

(“Company”, “we” or “us”) in relation to your (“you” or “user”) use of our Data Usage Manager mobile app,

which analyzes and keeps track of how much data the various apps installed on your device use, or our

website (collectively, the "Mobile App”). The services that we provide within the Mobile App shall be

referred to herein as the “Services”.

This Privacy Policy explains how we collect, share and use our users’ data. Please see our Terms of Service

(the “Terms of Service”) here which further explains the services that we provide. Definitions herein shall

have the same meaning as defined in the Terms of Use.

ACCEPTANCE OF THE TERMS: BY USING THE MOBILE APP OR OUR SERVICES YOU HEREBY ACKNOWLEDGE

THIS PRIVACY POLICY. IF YOU OBJECT TO THE TERMS HEREIN, PLEASE DO NOT ACCESS, DOWNLOAD OR USE

THE MOBILE APP OR SERVICES.

AGE LIMITATION

You represent and warrant that you are at least 18 years of age (or at least above the age that would be

considered a minor or child in your country or state of residence) and of legal competence to enter into

these terms. If we become aware that a user under the age of 18 has shared any information with us, we

will discard such information. If you have any reason to believe that a child under the age of 18 has shared

any information with us, please contact our Data Protection Officer at: dpo@flavrtech.co.

WHAT TYPE OF INFORMATION DO WE COLLECT?

The first type of information we collect is non-identifiable information pertaining to a user, which may be

made available or gathered via the user’s use of the Mobile App (“Non-Personal Information”). We are not

aware of the identity of and cannot determine the user from whom the Non-Personal Information was

collected.

Non-Personal Information which we collect may include your aggregated usage information and technical

information transmitted by your device, including: (i) certain software and hardware information, such as:

type of device and operating system; and (ii) Mobile App session ID, the time and date you access the

Mobile App.

The second type of information we may collect when you install or otherwise use the Mobile App is

individually identifiable information, namely information that identifies an individual or may with

reasonable effort identify an individual (“Personal Information”).

Directly Collected Personal Information: This information may include contact information, such as your

name, telephone number, address, email, etc., which you might provide us if you voluntarily contact us.

Additionally, you may be able to subscribe for certain services, as further explained via the Mobile App in which

case your credit card information, billing information or payment information may be processed via the Google

Play platform.

Automatically Collected Personal Information: This information may include: (i) Installed Applications Data

- this includes information about installed apps, such as their names, installation and update date, and

version of the applications; (ii) App Activity Data – this includes information about how you use other

applications on your device and includes how often and how long you use these applications, metrics

reflecting usage patterns or performance, details about your search behavior within these applications,

records of online shopping activity, advertisements that are displayed, and certain communications sent

through messaging platforms that you use; (iii) Mobile Web Data - this includes information about your

activity across mobile websites that you visit while using our Services including the URLs you visit, time you

spent there and your interactions there; (iv) AI Prompts and Outputs - we may collect and process the

prompts you use in various AI platforms that you access on your device as well as the outputs you receive

from such platforms (this may also include any and all attachments, documents and images including in the

prompts and outputs; (v) IP Address - the Internet Protocol (IP) address associated with the communication

between your device and our network server, which we store in hashed (encrypted) form, with the last class

permanently deleted before storing it, in order to retain only general (e.g., country and city) location; and

(vi) GUID - this is a random number generated on your device and used to distinguish between different

users, and which we irreversibly encrypt so that it would be very difficult to be used to identify you.

In order to provide our Services, we may request access to certain Android permissions (“Permissions”),

such as: (i) App Usage and Storage; (ii) Query Intent; and (iii) Accessibility. We use the information obtained

through the Permissions for the purpose of providing our Services. Specifically we use the App Usage and

Storage Permission to monitor your mobile data usage and display the analysis on your home screen and

within the Mobile App. The Query Intent Permission is used to provide our Services and the Accessibility

Permission is used to enable the Smart Warnings and app details features even when the Mobile App is not in

use.

To access these Permissions, you will need to actively enable them through your mobile device

settings. You can disable the Permissions at any time through your mobile device settings or Mobile App

settings, but note that depending on the Permission you disable, a feature or all features might not properly

operate. Certain features included in the Services rely on technology provided by our affiliates. To support

these features, we may share your Personal Information, including the information referenced above, with

those affiliates who may also use this information for its market intelligence and analytics services.

HOW DO WE USE YOUR INFORMATION? WHAT IS OUR LEGAL BASIS?

● Contact Information and Social Network Registration - we will use this information solely to

respond to your requests and support your needs. Our legal basis for the use of such information is

to fulfill our contract with you, by providing you with the Services that you requested.

● Installed Applications Data - we will process this data to provide you with the Services and fulfill

our contract with you. We may also process this data, based on your consent, if we need to obtain it

in order to do so. Our affiliates, who support us in operating the Services, typically process this

information and filter or aggregate this information so that it cannot reasonably be used to identify

you or your device. In limited circumstances, our affiliates may share such information with their

customers for purposes such as market analysis or research into consumer trends. Any such sharing

occurs only where the customer has agreed by contract not to attempt to identify you.

● App Activity Data - we will process this data to provide you with the Services and fulfill our contract

with you. Our affiliates, who support us in operating the Services, typically process this information

and filter or aggregate this information so that it cannot reasonably be used to identify you or your

device. In limited circumstances, our affiliates may share such information with their customers for

purposes such as market analysis or research into consumer trends. Any such sharing occurs only

where the customer has agreed by contract not to attempt to identify you. We may also process

this data based on your consent, if we need to obtain it under applicable law, in order to do so.

● Mobile Web Data - we will process this data to provide you with the Services and fulfill our contract

with you. We may also process this data, based on your consent, if we need to obtain it in order to

do so. Our affiliates, who support us in operating the Services, typically process this information and

filter or aggregate this information so that it cannot reasonably be used to identify you or your

device. In limited circumstances, our affiliates may share such information with their customers for

purposes such as market analysis or research into consumer trends. Any such sharing occurs only

where the customer has agreed by contract not to attempt to identify you. We may also process

this data based on your consent, if we need to obtain it under applicable law, in order to do so.

● AI Prompts and Outputs - we will process this data to provide you with the Services and fulfill our

contract with you. We may also process this data, based on your consent, if we need to obtain it in

order to do so. If any sensitive personal data is unintentionally included in the AI inputs or outputs,

it will be handled based on your explicit consent when such consent is required under applicable

laws. You may revoke this consent at any time by using the opt-out methods described below. To

stop the collection of AI inputs and outputs, please refer to the instructions provided in the “How to

Delete Your Data and Exercise Your Rights” section. Our affiliates, who support us in operating the

Services, typically process this information and filter or aggregate this information so that it cannot

reasonably be used to identify you or your device. In limited circumstances, our affiliates may share

such information with their customers for purposes such as market analysis or research into

consumer trends. Any such sharing occurs only where the customer has agreed by contract not to

attempt to identify you.

● IP Address - We process your IP address based on our legitimate interest in ensuring the security,

functionality, and performance of our Services. This includes protecting against fraud and abuse,

monitoring service usage to improve user experience, and maintaining technical operations.

HOW DO WE SHARE THE INFORMATION, AND FOR WHAT PURPOSE?

We may share your Personal Information with third parties for the purposes described in this Privacy Policy,

including:

● Legal, Regulatory, and Safety Disclosures: We may disclose Personal Information as required by law

or when we believe it is necessary to protect our rights or the safety of others. This includes sharing

information with law enforcement, regulatory authorities, and other government entities, as well as

in situations involving potential threats, fraud, or legal disputes.

● Business Transactions: If we or our affiliates undergo a merger, acquisition, investment,

reorganization, or asset sale, your Personal Information may be shared or transferred as part of the

process. This can include disclosures during due diligence to attorneys, auditors, lenders, and

consultants in preparation for or execution of such transactions.

● Service Providers and Vendors: We engage third-party vendors, processors, and service providers

to carry out functions on our behalf. Your Personal Information may be shared with them as needed

to support the operation and delivery of our Services.

● Affiliates: We may share Personal Information with our affiliated companies. These entities may use

the information for analytics, market research, and other uses consistent with this Privacy Policy.

Our affiliates may also disclose some of this information to their customers as part of their market

intelligence services however, only under terms that do not allow its customers to identify any one

individual (including you) by way of the information.

● Marketing and Advertising Partners: To support our promotional and advertising efforts, we may

share Personal Information with third-party platforms, networks, and partners involved in managing

and optimizing campaigns.

● Other Permitted Disclosures: We may also share Personal Information with third parties where

permitted under applicable laws and regulations.

Note that we may also appoint third-party service providers, operating under our instructions, who may

need access to your Information in connection with their services on our behalf. Transfers of your Personal

Information will be made in accordance with applicable data protection laws and regulations.

TRANSFERRING OF INFORMATION

Your Personal Information may be stored or processed in the United States, the European Economic Area

(EEA), and other countries around the world. We take appropriate measures to ensure that any cross-border

transfers of Personal Information comply with applicable data protection laws.

When data originating from the EEA or the United Kingdom is transferred to countries that are not

recognized by the European Commission or UK Government as providing an adequate level of data

protection, we implement appropriate safeguards to protect your information during the transfer and

subsequent processing.

These safeguards may include the use of standard contractual clauses approved by the European

Commission or the UK Government, which legally oblige the recipient to uphold a comparable level of data

protection. Where required, you may contact us to obtain a copy of these contractual protections.

USE OF COOKIES AND THIRD PARTY TOOLS

When you access or use our website, we may use industry-wide technologies such as "cookies" (or similar

technologies), which store certain information on your computer (i.e., locally stored) and which allow us to

customize our service and content as well as enhance your experience. We may also use third party tools

such as Google Analytics. To learn more how Google uses data from our use of Google Analytics Cookie we

recommend you review Google’s policies located at: www.google.com/policies/privacy/partners. We also

encourage you to review the Google Analytics' currently available opt-outs for the web tool available at:

https://tools.google.com/dlpage/gaoptout/. Please also review the following for more information about

cookies: www.allaboutcookies.org.

OPT-OUT RIGHT

You may opt out of the automatic collection and disclosing of your information that is related to our Mobile

App and Services, by uninstalling the Mobile App from your device. Alternatively, you are also able to

opt-out of such processing by going to the settings on your device, clicking about and unchecking the “data

sharing” checkbox. You may also contact our Data Protection Officer at: dpo@flavrtech.co and we will be

happy to assist you at any time.

After you opt out, we will no longer automatically collect and disclose your Personal Information and

Non-Personal Information as described in this Privacy Policy in connection with your use of the Mobile App

or Services. Note that once you opt out, some of the Services or features provided by us may no longer be

available.

USER RIGHTS

Data Retention - Unless you instruct us otherwise, we retain the information we collect for as long as

necessary to provide the Services described herein and to comply with our legal obligations, resolve

disputes and enforce our agreements. If you object to such collection, use and sharing of data, please cease

using the Mobile App immediately and remove the Mobile App from your device.

You may have certain rights with respect to your data depending on the applicable laws in your jurisdiction

(e.g., such as those in the European Union or the United Kingdom), you may be entitled to exercise a range

of rights regarding your Personal Information. These may include the following:

● Access and Information: You may have the right to ask whether we process your Personal

Information and, if so, to request details about that processing, such as the types of data we hold,

the purposes for which it is used, and who it may be shared with.

● Correction: If you believe that any Personal Information we hold about you is inaccurate or

incomplete, you can request that it be corrected. We also recommend regularly reviewing your

information collected via our Services to help keep your information up to date.

● Erasure: In certain cases, you may request that we delete your Personal Information, for example,

when it is no longer needed for the purposes for which it was collected.

● Restriction of Processing: You may ask us to limit how we process your Personal Information under

specific circumstances.

● Data Portability: When our processing is based on your consent or a contract with you, you can

request to receive your Personal Information in a structured, commonly used, and

machine-readable format—or have it transferred to another organization, where technically

feasible.

● Objection to Processing: You may object to the processing of your Personal Information when we

rely on legitimate interests as our legal basis. You also have the right to object to the use of your

Personal Information for direct marketing.

● Withdrawal of Consent: Where we rely on your consent to process your data, you can withdraw

that consent at any time. Doing so will not affect the lawfulness of processing that occurred before

your consent was withdrawn.

● Supervisory Authority - In addition, you may have the right to lodge a complaint with a supervisory

authority, subject to applicable law (as is the case in the European Union).

In order to assert any of these rights, please contact our data protection officer at: dpo@flavrtech.co.

Note that we may request proof of your identity, and we reserve the right to charge a fee where allowed by

law, such as in circumstances where your request is deemed to be excessive.

CALIFORNIA PRIVACY NOTICE

Consumers in the State of California, United States are granted certain rights related to Personal

Information under THE California Consumer Privacy Act of 2018 (CCPA), as amended by the California

Privacy Rights Act (CPRA), effective January 1, 2023 (the “CCPA”).

Please note that this section does not cover information that is publicly available or otherwise exempt from

the scope of the CCPA. It also does not apply to Personal Information collected and used in an employment

context, such as data related to our staff, contractors, or job candidates, which is governed by separate

privacy disclosures.

Types of Personal Information We Collect and Disclose

The kinds of Personal Information we collect, and may have collected in the past 12 months, depend on

how you interact with us. The categories below represent the types of information we collect and may share

with third parties for business-related purposes, as outlined by California law:

● Identifiers (e.g., GUIDs, IP addresses): This data may be shared with our corporate affiliates, service

providers, advertising and analytics partners, social platforms, and, where required, with law

enforcement or regulatory authorities.

● Customer Account Information (e.g., names, account identifiers, contact details): Shared as needed

with affiliates, legal advisors, and government entities, where disclosure is legally mandated.

● Internet or Network Activity (e.g., Mobile Web Data, App Activity Data, Installed Applications Data

and AI Prompts and Outputs): This information may be disclosed to our affiliates, vendors, and,

when applicable, governmental bodies.

We obtain this information both directly from you and indirectly, such as through your interactions with our

Services, as outlined earlier in this Privacy Policy.

How and Why We Use Your Data

The Personal Information we collect may be used and shared for various operational, commercial, and legal

purposes, including:

● Providing access to our services and supporting user interactions

● Conducting internal analysis and improving performance

● Marketing and ad campaign management

● Ensuring the safety, integrity, and legal compliance of our Services

● Responding to legal obligations or regulatory requests

● Supporting corporate events, such as mergers or business reorganizations

● Assisting affiliated companies with research and analytics

● Facilitating the services provided by our vendors, partners, and processors

Sale and Sharing of Personal Information

California law defines a "sale" as providing Personal Information to a third party in exchange for monetary

or other valuable consideration. "Sharing" refers specifically to disclosing Personal Information for

cross-context behavioral advertising.

We may engage in “selling” or “sharing” certain categories of Personal Information—such as identifiers and

browsing behavior (including Mobile Web Data, App Activity Data, Installed Applications Data and AI

Prompts and Outputs)—to business clients for marketing analytics. Some of the information involved may

qualify as sensitive under state privacy laws.

We do not knowingly engage in the sale or sharing of Personal Information related to individuals under the

age of 16.

Data Retention Practices

We retain Personal Information only for as long as necessary to fulfill the purposes for which it was

collected, or as otherwise disclosed at the time of collection. When determining how long to keep

information, we take into account our legal responsibilities, the nature of the data, and whether we have a

valid reason to preserve it (such as in connection with legal holds).

Where possible, we may deidentify the data instead of deleting it. If we do so, we commit not to attempt to

reidentify the information except as allowed by law.

Your Rights Under California Law

As a California resident, you may have the ability to exercise certain rights in relation to your Personal

Information, including:

● Right to Know (Collection): You may request details about the categories of Personal Information

we’ve collected, where it came from, the purposes behind its collection, and who it’s been shared

with over the past 12 months.

● Right to Know (Sale/Disclosure): You may also inquire about how we’ve disclosed or sold your data

during the same timeframe, including what types of information were involved and which third

parties received it.

● Right to Access (Copy): You can request a copy of the specific pieces of Personal Information we’ve

gathered about you.

● Right to Delete: You may ask us to delete the Personal Information we hold about you, subject to

legal exceptions.

● Right to Opt-Out of Sale or Sharing: If we are selling or sharing your Personal Information, you can

request to opt out. For instance, this can be done by turning off certain permissions (e.g., VPN

permissions) via your device settings.

● Right to Data Portability: Where applicable, you can request that your data be provided in a

portable, machine-readable format.

Only you or a representative authorized and registered with the California Secretary of State to act on your

behalf may make a CCPA request. Requests must be sent by e-mail to dpo@flavrtech.co.

We must verify your identity and that you have the authority to make the request before we can respond,

beginning with matching the information in the request with information in our files. As a result, while we

will attempt to limit the additional information required in a CCPA request, we need sufficient personal

details to verify your request. At a minimum, we must confirm to a reasonable degree of certainty you are

the person about whom the request relates (or are that person’s duly-authorized representative), and we

must have sufficient details about what you are requesting to allow us to understand and respond. Without

sufficient information, we may need to decline your request.

If we can verify a request, we will make efforts to respond within 45 days. If we need more than 45 days (up

to 90 days), we will inform you in writing, including the reason(s) we need more time.

The exercising of your CCPA rights will not result in any discrimination against you. We will not charge you

more or give you lower-quality goods and services and we will not deny you goods or services as a result of

you exercising your CCPA rights.

RIGHTS OF RESIDENTS OF OTHER U.S. STATES

Residents of certain other U.S. states may have additional rights under applicable privacy laws and be entitled to

additional disclosures as follows:.

Sale of Personal Data: We may sell the following categories of Personal Data: Identifiers, commercial

information, internet and electronic network activity information, profiles and inferences, and “sensitive data,”

as that term is defined under applicable U.S. privacy laws. We sell such categories of Personal Data to our

business customers so that they may conduct their own analysis on consumer behaviors and analyze and

improve their marketing and advertising campaigns.

Consumer Rights:

If you are a resident of certain other U.S. states you may have additional rights under applicable privacy laws,

subject to certain limitations, which may include:

● Access. The right to confirm whether we are processing their Personal Information and to obtain a

copy of their Personal Information in a portable and, to the extent technically feasible, readily usable

format.

● Delete. The right to delete their Personal Information provided to or obtained by us.

● Correct. The right to correct inaccuracies in their Personal Information, taking into account the nature

and purposes of the processing of the personal information.

● Opt-Out. To opt out of certain types of processing, including: (i) to opt out of the “sale” of their

Personal Information; (ii) to opt out of targeted advertising by us; and (iii) to opt out of any processing

of Personal Information for purposes of making decisions that produce legal or similarly significant

effects.

To exercise your privacy rights under applicable U.S. state laws, you can submit a request by contacting us

via email at dpo@flavrtech.co. Upon receiving your request, we will take reasonable steps to verify both

your identity and the nature of the request by comparing the details you provide with information already

in our records.

In certain situations, we may need to ask for additional details to complete the verification process or to

fulfill your request. If we are unable to confirm your identity after making a reasonable effort, we may

decline the request. Should that occur, we will inform you of the reason for the denial and, where possible,

how to address any issues.

If you are an authorized agent acting on behalf of someone else, you may initiate a request by contacting us

at dpo@flavrtech.co. In such cases, you will need to provide valid proof of your authority to act on the

individual’s behalf. We may also require direct verification from the individual to confirm both their identity

and your authorization to act on their behalf.

HOW DO WE SAFEGUARD YOUR INFORMATION?

We take great care in implementing and maintaining the security of the Mobile App and your information.

We employ industry standard procedures and policies to ensure the safety of our users’ information, and

prevent unauthorized use of any such information. Although we take reasonable steps to safeguard

information, we cannot be responsible for the acts of those who gain unauthorized access or abuse our

Mobile App, and we make no warranty, express, implied or otherwise, that we will prevent such access. We

may adopt what we believe is appropriate data collection, storage and processing practices and security

measures to protect against unauthorized access to such data.

If you feel that your privacy was treated not in accordance with our policy, or if any person attempted to

abuse our Mobile App or acted in an inappropriate manner, please contact our Data Protection Officer

directly at dpo@flavrtech.co.

AMENDMENTS

We reserve the right to periodically update or revise this Privacy Policy at our sole discretion; such changes

will be effective immediately upon the display of the revised Privacy Policy. Thus, we encourage you to

check this Privacy Policy regularly for updates, so that you are fully informed of how your data is collected

and used by the Company and your related rights. The last revision date will be reflected in the "Last

Updated" heading. Your continued use of the Mobile App or our services following the display of such

revised privacy policy constitutes your acknowledgement of such amendments to the Privacy Policy and,

where the processing of personal data is based on consent, your agreement to be bound by the terms

therein. In the event of a material change that will substantially affect your use of the Mobile App or service

or the data collection by us, we will endeavor to provide you with notifications through the Mobile App or

by email.

If you have any general questions about the Mobile App or the information that we collect about you and

how we use it, please contact us at: dpo@flavrtech.co.