Appendix 12 to the General Terms of Business PRIVACY POLICY

Actual https://mind-money.eu/static/1f812d3177f1fe08862b42535b4881b0/c57e700d-4278-4246-9e48-5fa352f5d894_PRIVACY+POLICY.pdf

We compiled this Privacy Policy (Version 05.05.2022) to illustrate, in congruence with on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”), what information we collect and why, as well as how we utilize it and what options on the website our clients can access. Unfortunately, the provided explanations can sound quite technical due to their nature, but we did our best to elucidate the essential things so that everyone can understand them. 1. Autosaving data Currently, websites automatically create and store certain information when you visit them, and our website is not an exception here. When clients visit our website, the way you are doing right now, the web server collects and saves the following data:  The address (URL) of the web page you visit;  The used operating system;  The browser and its version;  Date and time;  The address (URL) of the page you visited before (referrer URL);  The hostname and the IP address of the device via which the website was accessed;  In files that are web server log files. Web server log files tend to be stored for half-month and are deleted automatically when this period ends. We do not disclose this information to anyone, but the risk of this information accessed by third parties illegally still exists. Under Article 6, Paragraph 1 of GDPR (Lawfulness of processing), legitimate interest should take place in maintaining this website’s faultless operation by gathering web server log files. 2. Storage of personal data Personal data visitors provide to our website, including name, postal address, email address, or other personal details when completing a form or leaving comments, along with the IP address and time, will only be utilized by us for the purpose mentioned here and will be stored securely and will not be obtained by third parties. 13-15 Grigori Afxentiou, I.D.E. Ioannou Building, office 202, Mesa Geitonia, 4003 Limassol, Cyprus. www.mind-money.eu tel: +357 25755337 / fax: +357 25755336 Consequently, we are making use of personal data for communication purposes only from users who are willing to contact and to offer the product and services provided on the website. We will not disclose personal details without your allowance, but it is not possible to exclude the risk of this information being accessed by someone else illegally. In the case of sharing personal data via email, which implies that you do it outside our website, we cannot guarantee that it will be safe and secure. Our recommendation is to avoid sending confidential information by email with no encryption. Due to Article 6, Paragraph 1 of GDPR (Lawfulness of processing), the legal framework means that your consent to process the provided data is required. It is possible to revoke the consent at any time you like, and sending an informal email is enough. All our contact details are provided below. 3. Rights according to the General Data Protection Regulation As mentioned by the regulations of the GDPR, you have the below rights:  right to information (Article 16 GDPR);  right to erasure (“right to be forgotten”) (Article 17 GDPR);  right to restrict data processing (Article 18 GDPR);  right to be notified – obligation regarding rectification or erasure of personal data or restriction of processing (Article 19 GDPR);  right to data portability (Article 20 GDPR);  right to object (Article 21 GDPR);  right not to be subject to a decision based solely on automated processing, including profiling (Article 22 GDPR). Our visitors can always contact the Commissioner for Personal Data Protection of the Republic of Cyprus if they suppose that the processing of their personal information causes data privacy laws breach or that their data privacy rights have been infringed. 4. Name and address of the legal entity liable for data processing The legal entity liable due to the Basic Data Protection Regulation, other laws protecting data used in the member states of the European Union, and other regulations connected with data protection is: Mind Money Limited (ZERICH SECURITIES LIMITED LTD) 13-15 Grigori Afxentiou, I.D.E. Ioannou Building, office 202, Mesa Geitonia, 4003 Limassol, Cyprus. Email: info@ mind-money.eu Website: https://mind-money.eu 13-15 Grigori Afxentiou, I.D.E. Ioannou Building, office 202, Mesa Geitonia, 4003 Limassol, Cyprus. www.mind-money.eu tel: +357 25755337 / fax: +357 25755336 5. TLS encryption with HTTPS We utilize HTTPS to spread the data over the internet in an interception-proof way, which means that the information is protected via technology by design Article 25, Paragraph 1, GDPR. With the help of TLS (Transport Layer Security), an encryption protocol applied to spread data over the internet securely, we can guarantee that your data is protected and remains confidential. You can see that this data transmission security system is applied with a little lock symbol located in the browser’s upper left corner as well as the “HTTPS” scheme used as a part of the website’s address. 6. Cookies To store user-specific data, our website utilizes HTTP cookies. A cookie happens to be a small package of information that the web browser and the web server exchange, but it has no meaning to them and is only utilized for the web application (e.g., online shopping – for the goods in a virtual shopping cart). Cookies can be either first-party cookies built by our website or third-party cookies developed by other websites (e.g., Google Analytics). Examples of cookie data:  Expiration period: 12 months;  Name: _ga;  Example value: GA1.2.1326744211.152311093252;  Usage: differentiation of website visitors.The three categories of cookies are: 1. Functional cookies to guarantee the website’s performance; 2. Essential cookies to keep the basic functions operating; 3. Targeted cookies to enhance the user experience. Thanks to the use of cookies, our website is easy to navigate. Some of them are kept on your device until you delete them. They make it possible for us to recognize the browser when you start navigating the website next time. 6.1.Division of Cookies into two domains:  Root domain – mind-monye.eu;  Localized. Tags bound to the root domain mind-monye.eu:  _dc_gtm_UA-41519441-4, _ga, _gcl_au, _gid, web_app_ga, web_app_ga_M19QP7JY69 – tags from GA - are needed for tracking activity and transferring data to GA by id - UA-41519441-4 (do not transfer personal data);  _fbp – tags from FB pixel - needed for tracking activity and transferring data to FB (do not transfer personal data);  _fz_*(fvdt|gtd|ssn|uniq) – tags from Finteza Analytics - needed for tracking activity and transferring data to Finteza; 13-15 Grigori Afxentiou, I.D.E. Ioannou Building, office 202, Mesa Geitonia, 4003 Limassol, Cyprus. www.mind-money.eu tel: +357 25755337 / fax: +357 25755336  carrotquest_*( auth_token|device_guid|realtime_services_transport|session|session_started|u id) – tags from CarrotQuest - needed for tracking activity and transferring data to CarrotQuest) – MANDATORY;  cjConsent – tag from CJ Affiliate - needed to track activity and transfer data to CJ Affiliate (does not transfer personal data);  csrf_cookie – service tag for CSRF protection against code injection - installed by us (does not transfer personal data) – MANDATORY;  http_referer - service tag for transferring data about the user's referrer when going to the website - used as part of determining the source of the attracted client (does not transfer personal data) – MANDATORY;  language – service tag for transferring data about the selected localized version of the site - used to improve the quality of services provided to the user (does not transfer personal data) – MANDATORY;  lp_session_id - service tag for transmitting session data - used to improve the quality of services provided to the user (does not transfer personal data) – MANDATORY;  connected to the process of attracting users to the site (does not transfer personal data). Tags linked to a localized domain:  __ar_v4 – marketing tag - required for proper work of Google DoubleClick;  carrotquest_testcookie - tag from CarrotQuest - needed to track activity and transfer data to CarrotQuest) – MANDATORY. 7. Settings and deletion of cookies You have to open your browser settings if you want to figure out which cookies are stored, you are willing to delete them, or you intend to change the cookie settings:  Chrome: Activate, delete, and manage cookies in Chrome;  Safari: Manage cookies and website data with Safari;  Internet Explorer: Delete and manage cookies;  Firefox: Delete cookies to remove data that websites have stored on your device. It is possible to set the browser to notify you when cookies are set and ask you to approve it every time if you do want to store your data through cookies. Moreover, you are free to disable or delete cookies that are already stored on your device at any time. The process should be different for different browsers. For this purpose, you can search for instructions through Google if it is Chrome, and the term should be “Disable cookies Chrome” or “Delete cookies Chrome,” and you can put another browser’s name (e.g., Edge, Firefox, Safari). Some pages and features on our website may not work properly if there is no allowance to use cookies from your side (i.e., you get them disabled in settings). 13-15 Grigori Afxentiou, I.D.E. Ioannou Building, office 202, Mesa Geitonia, 4003 Limassol, Cyprus. www.mind-money.eu tel: +357 25755337 / fax: +357 25755336 8. Google Fonts Privacy Policy Our website utilizes Google Fonts from the company Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The Google Fonts use requires no authentication, and cookies are not sent to Google Fonts API. No Google account data will be shared with Google while utilizing Google Fonts if you obtain a Google account. The use of CSS and the Fonts applied is the only information recorded and storedsecurely. You can learn more information regarding that at https://developers.google.com/fonts/faq?tid=311093252. It is possible to learn what information is collected by Google and how this data is utilized at https://developers.google.com/fonts/faq?tid=311093252. 9. Google Analytics Privacy Policy We utilize Google Analytics from Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) in order to evaluate user data statistically. Google Analytics applies target-oriented cookies for doing so. a) Cookies from Google Analytics  _ga  Expiration period: 2 years  Usage: differentiation of website visitors  Example value: GA1.2.1326744211.152311093252  _gid  Expiration period: 24 hours  Usage: differentiation of website visitors  Example value: GA1.2.1687193234.152311093252  _gat_gtag_UA_  Expiration period: 1 minute  Usage: is applied to throttle the request rate. When Google Analytics is submitted via the Google Tag Manager, this cookie is named _dc_gtm.  Example value: 1 If you want to learn more about terms of use and data protection, you should visit https://support.google.com/analytics/answer/6004245?hl=en. b) Pseudonymization Our concern about the GDPR is the enhancement of both web presence and offer. As our visitors’ privacy is a high priority to use, their data is pseudonymized. The processing of the data is based on the legal provisions of Article 6 of GDPR, Paragraph 1, data subject has allowed it for legitimate interest. c) Deactivation of data collection by Google Analytics The users of the website can disable Google Analytics from accessing their data when utilizing the browser addon to stop Google Analytics-JavaScript (ga.js, analytics.js, dc.js). 13-15 Grigori Afxentiou, I.D.E. Ioannou Building, office 202, Mesa Geitonia, 4003 Limassol, Cyprus. www.mind-money.eu tel: +357 25755337 / fax: +357 25755336 It is also possible to prevent the gathering of information generated by the cookie connected with your use of our website and forwarded to Google. In addition to that, you can prevent the processing of this information by Google if you download and install the browser plugin accessible at the below link: https://tools.google.com/dlpage/gaoptout?hl=en. 10. Google Analytics IP anonymization On this website, we have applied the IP address anonymization of Google Analytics. Google developed this function to guarantee that this website meets the applicable data protection regulations and local data protection authorities’ recommendations in case they ban the storage of full IP address. We have also implemented IP address anonymization. It means that IP addresses are masked or anonymized when they get into the Google Analytics data collection network and before the information is processed and/or saved. You can find more information about that at https://support.google.com/analytics/answer/2763052?hl=en. 11. Google Analytics reports on demographic characteristics and interests We are using Google Analytics advertising reporting features. The interest and demographic reports comprise details about gender, age, and interests. This allows us to receive a better understanding of our visitors without having to assign this information to individuals. You are free to find out more about the advertising features at https://support.google.com/analytics/answer/3450482?hl=de_AT&utm_id=ad. You may stop utilizing the information and activities of your Google Account. For this purpose, you need to click the Checkbox under “Advertising Settings” at https://adssettings.google.com/authenticated. 12. Google Analytics Addendum for data processing There is a direct customer agreement between Google and us regarding the use of Google Analytics by complying with the “Data Processing Addendum” in Google Analytics. Users can learn more about the data processing addendum for Google Analytics at https://support.google.com/analytics/answer/3450482?hl=en&utm_id=ad. 13. Google AdSense Privacy Policy We utilize Google AdSense on this website, which is the advertising program from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). Your IP address and information on the introduced advertising material might be transferred to servers in the USA and processed there. 13-15 Grigori Afxentiou, I.D.E. Ioannou Building, office 202, Mesa Geitonia, 4003 Limassol, Cyprus. www.mind-money.eu tel: +357 25755337 / fax: +357 25755336 The aim of cookies in AdSense is to improve advertising, and they do not include any personal details. After every click, impression, or any other activity that results in a request to the servers of the Google AdSense, it sends a cookie to the browser. If it accepts that cookie, it will be kept there. It is possible for third parties to access AdSense in order to locate and read cookies in the browser or utilize Web Beacons to keep data that they have through spreading ads on the website. Web Beacons are tiny graphics that provide log file analysis and recording, and they are applied for statistical analysis for online marketing purposes. 14. Carrot Quest Privacy Policy We apply the Carrot Quest service to gather personal data about visitors. Thanks to it, we can identify and communicate with you, as well as provide you with information and access to Products. The Personal Data comprises visitors’ phone number, name, technical user personal data, email address, along with other information submitted by them and allowing us to identify such a customer, directly or indirectly. The Personal Data is collected to record and use the submitted details in our databases; conducting statistical research, providing services and access to them, getting feedback, responding to user requests, providing information about advertising materials and services, analytics of user activity on the website and its functioning, to enhance our services and Products, and to notify about the services’ progress with the help of different communication means. These means of communication can be: Mailing lists; The Internet; Telephone; Email; SMS/MMS messages; Messages through communication services, like WhatsApp/Viber, etc. The information gathered about visitors is hosted on the Google servers, and Google is known for its attitude when it comes to security. Furthermore, this data is decentralized. For more information, you can click on the following link:https://www.carrotquest.io/terms-and-policies/. 15. Facebook Privacy Policy If you want to learn more about Facebook Privacy Policy, you should visit: https://www.facebook.com/privacy/explanation. 16. Trade.mind-money.eu – Language Thanks to this parameter, the website assigns you language cookies so that you could access the service in the required language version for one month. 13-15 Grigori Afxentiou, I.D.E. Ioannou Building, office 202, Mesa Geitonia, 4003 Limassol, Cyprus. www.mind-money.eu tel: +357 25755337 / fax: +357 25755336 17. Trade.mind-money.eu — LP Session ID The Session is necessary to get your user session identified. The service usage is connected with registration as well, and the storage period lasts for one year. 18. Trade.mind-money.eu – CSRF It happens to be a set for CSRF protection to get customer actions validated. The retention period is over when the browser is closed. 19. Disable cookies Users may delete cookies that are stored on their devices or disable them whenever they want. The process tends to be different for every browser. The easiest way to do that is to check the instructions on Google with the help of Disable cookies Chrome” or “Delete cookies Chrome” if it is Chrome, or you can put the name of your browser instead of “Chrome,” for example, Safari, Edge, or Firefox. Note that some pages and features of the website may not work properly if you disable cookies. 20. Disable personalized advertising Users can restrict personalized advertising on the page if they obtain a Google Account: https://adssettings.google.com/authenticated. Even if you do that, you might still see advertisements based on details, like browser type, your location received from the IP address, and the search term you recently used. You may learn more about data gathered by Google and how it is utilized at: https://policies.google.com/privacy?hl=en-GB.