Green GSM - Privacy Policy

We collect User’s personal information in the course of providing Our Services to User. Personal information is information, contained in a document whether in physical or digital form, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the person holding the information, or when put together with other information, would directly and certainly identity an individual (i.e., pictures, video footage, employment information, name, age, email address, mobile number, birthdate, health). Sensitive personal information refers to personal information (a) about an individual’s race, ethnic origin, marital status, gender, color, and religious, philosophical, or political affiliations; (b) about an individual’s health, education, genetic, or sexual life of a person, or to any proceeding for any offense committed or alleged to have been committed by such person, the disposal of such proceedings, or the sentence of any court in such proceedings; (c) issued by government agencies peculiar to an individual which included, but not limited to, social security number, previous or current health records, licenses or its denials, suspension or revocation, and tax returns; and (d) specifically established by an executive order or an act of Congress to be kept classified. Below are the sources of information We collect: - Information provided by User to Us: We collect any information User provides in connection with Our Services. User primarily provides information to Us when they: Search for, register for, or use Our Services; Create or manage accounts; Configure settings, provide data access to, or interact with Our Services; Purchase or use content or services from third parties through Our Services; Provide content or services on or through Our platform; Contact Us via our customer hotline, phone, or email; Complete questionnaires or forms; Post content on Our Services. Depending on User’s interaction with Our Services, this information may include: Name, email address, physical address, phone number, and similar contact information; Payment data (e.g., credit card or bank account details); Location data; Organization details and points of contact; Usernames, aliases, roles, and security/authentication credentials; Feedback, communications, testimonials; Biometric data such as images (including 3D), voice, or other identifiable traits; Government-issued IDs and nationality; Tax-related identifiers such as TIN. When User provides information other than User’s own, User certify that he/she has obtained the consent and authority of the person of such information (such as User’s parents, spouse, children, dependent, or any other person) to allow Us to disclose and process such information. User is responsible for ensuring that all personal data User submits to Us are accurate, complete, and up-to-date. - Automatic Information: We automatically collect certain types of information when User and drivers interact with Our Services. This may include, among others, IP address and network information; Device, browser, and system configurations (e.g., plug-ins, OS, time zone); Location data from User’s device; Authentication and security logs; User interactions (e.g., content downloads, playback details, clicks, scrolling); Service metrics (e.g., usage patterns, errors, API calls); Email and phone number used to reach Us; Identifiers from cookies and similar technologies; In-vehicle audio and/or video recordings captured during a ride-such as images, voice, or both, along with related metadata-through CCTV systems installed in compliance with the requirements of competent authorities in the Philippines. - Information from other sources: We may collect information about User from other publicly and lawfully available sources.

We use User’s personal information to operate, provide, and improve Our Services. The purposes for using personal information are as follows: - Provide Our Services: We may use User’s personal information to provide Our Services and process transactions related to Our Services. - Measuring, supporting, and enhancing Our Services: We use User’s personal information to measure usage, analyze performance, correct errors, provide support, improve quality and develop Our Services. - Making recommendations and personalizing experiences: We use User’s personal information to recommend Our Services that User may be interested in, identify User’s interests, and personalize User’s experience with Our Services. - Compliance with legal obligations: In certain cases, We have a legal obligation to collect, use, or store User’s personal information. - Contacting User: We may use your personal information to contact User in connection with our Services via various channels (e.g. email, chat) and to respond to User’s request. - Marketing: We may use User’s personal information to do marketing and promote Our Services in accordance with the laws. We may display advertisements of Our Services based on User’s interests. - Preventing fraud and manipulation, credit risk management: We use User’s personal information to prevent and detect fraud and manipulation to protect the security of Users, Us, and others. We also use User’s personal information to employ risk assessment and management measures. - Specific purposes requiring User’s consent: We ask for User’s consent to use personal information for a paticular purpose.

We use cookies, pixels, and other similar technologies (referred to collectively as “Cookies”) to recognize the User’s browser or device, learn more about User’s interests, provide User with essential features and services, and for other additional purposes, including: - Identifying the User when User logs in to access and use Our services. This enable Us to provide User with personalized suggestions, display taiored personalized content, and provide customized features and services. - Respecting the User’s preferences and choices. This allows Us to respect the User’s interests and dislikes, such as the language selection and preferred settings. - Conducting research and analysis to improve Our Services. - Preventing fraud and enhancing security measures. - Provide content, including advertisements, based on the User’s interests on Our websites and third party’s websites. - Measure and analyze the quality of Our Services. Cookies allow User to take advantage of some of Our essential features. For example, if you block or reject our cookies, User may not be able to use certain services that require User to log in or you may have to manually adjust certain perferences or set the language whenever User revisits Our websites. Approved third parties may also set cookies when User interacts with Our Services. These third parties typically include search engines, measurement, and analysis service providers, social networks, and advertising companies. Third parties use cookies during the delivery of content, including personalized advertisements related to User’s interests, to measure the effectiveness of advertising, and to perform certain services on Our behalf. User can manage browser cookies by adjusting their browser settings. The “Help” feature on most browsers will tell the User how to prevent the browser from accepting new cookies, how the browser notifies User when the User receives a new cookie, how to disable cookies, and when the cookie expires. If the User disables all cookies on his or her browser, neither We nor third parties will be able to transfer cookies to the User’s browser. However, if the User does this, the User may have to manually adjust some preferences whenever the User revisits the website and some features and services may not function.

User’s Information is an important part of Our operations, and We do not provide User’s personal information to any third party except in the cases set out in section (i). We also share personal information with Vingroup, and its subsidiaries, which are subject to this Privacy Policy, or a similar policy. (i) We share User’s personal information for the following purposes: - Transactions involving Third Parties: When User engages in transactions involving third-party services, software, or content provided by the third party for use on or through Our Services, we disclose transaction information to the involved third party. - Third-Party Service Provision: We collaborate with other companies and individuals to carry out certain tasks and programs such as incentive programs, cross-selling, etc. for User. This may include sending contact information, processing payments, assessing credit risk, and complying, implementing support programs, analyzing data, providing marketing and sales support (including management of advertisment and event), and managing User’s relationship and training. These third-party service providers have access to necessary personal information solely for performing their functions and shall not use it for other purposes. In addition, they must comply with this Privacy Policy and related privacy laws. - Corporate Restructuring and Transfers: In the course of our business development, we may acquire companies or restructure other businesses or services in accordance with applicable laws. During such transactions, personal information, databases, and the right to use information are generally among the business assets transferred. The transferee is obligated to maintain compliance with this Privacy Policy (or as otherwise approved by the User). Additionally, if Green GSM or a majority of its assets are acquired by another company, User information will be one of the assets to be transferred. - Protection of Us and Others: We reserve the right to disclose accounts and other personal information when We deem it necessary to comply with the law, enforce our terms and agreements, or to protect the rights, property, or security of Us, Our User, or any other person. This may involve sharing information with other companies and organizations to prevent and detect fraud, as well as mitigate property and credit risk. - Extent of Sharing User’s Personal Information: We share User’s personal information to the extent that is reasonable and necessary to: (a) handle User’s transactions, orders, or requests; (b) professional advisers in connection with due diligence and documentaiton of User’s transaction; (c) any third party service provider performing financial, administrative, technical, and other ancillary services; (d) government institution and other competent authorities which by law, rules, or regulations require Us to disclose User’s personal information; (e) any person or entity We contractually entered with and who ensures the confidentiality standard We implement and adheres to the Data Privacy Act of 2012 (DPA); or (f) any person in order to carry out functions of public authority, and for collection and further processing pertaining to law enforcement, taxation, or other regulatory function.

We retain User’s personal information: - To the extent necessary in keeping tract of User’s transactions and records. - As may be agreed upon by the parties to a contract. - For statistical, research, and other purpose specifically authorized by law. Data collected will be retained in accordance with retention limit set by Our standards, industry standards, and law and regulations unless User request his/her data to be deleted in Our database. Once User’s personal data is no longer necessary for the Services or purposes, or We no longer have a legal or business purpose for retaining User’s personal data, We take steps to erase, destroy, anonymise, or prevent access or use of such personal data other than compliance with this Privacy Policy, or for purposes of safety, security, fraud prevention and detection, in accordance with the requirements of applicable laws. To maintain the integrity and confidentiality of User’s personal information, We put in place organizational, physical, and technical security measures to protect your personal information such as: - Use of security servers, firewalls, encryptions, and other latest security tools. - Limited access to personal information to those duly authorized processors. - All transfers are made after complying with the established confidentility policy and practices in place. - Maintain a secured server operating environment by performing regular security patch update and server hardening.

Users’ Personal Data may be transferred from the country, state, and city ("Home Country") where they are located while using Our Services to another country, state, and city ("Alternate Country"). When We transfer Users’personal data from their Home Country to the Alternate Country, we will adhere to Our legal and regulatory obligations concerning their personal data. This includes having a lawful basis for transferring personal data and implementing appropriate safeguards to ensure an adequate level of protection for the personal data. We will also ensure that the recipient in the Alternate Country is required to protect their personal data to a standard comparable to the protection provided under applicable laws. Our lawful basis for the transfer may be either consent (i.e., We may request Users’ consent to transfer their personal data from their Home Country to the Alternate Country when Users provide their Personal Data) or one of the safeguards permitted by laws.

At greengsm.ph, security is Our highest priority. Our system is designed with the ability to ensure the safety and privacy of information of User and driver. - We have appropriate technical and security measures to prevent access and use of personal information illegally. We also regularly coordinate with security experts to update the latest information on network security to ensure the safety of personal information. When collecting data, we store and secure personal information on the server system and this personal information is secured by firewall systems and access control measures, data encrypt. - User’s payment card information issued by financial institutions is protected by us according to international standards with the principle of not recording important payment card data (card number, full name, CVV number) on our system. User’s payment transactions are performed on the relevant bank's system.

Our Services may feature third party advertisements and links to other websites and applications. Third-party advertising partners may collect information about User when User interacts with their content, advertisements, or services.

Users may view, update, and delete certain information about their account and interactions with Our Services. If unable to access or update information, User can always contact Us for assistance. Users have many choices regarding the collection and use of their personal information. Many of Our Services include functions that gives Users options about how their information is used. User may choose not to provide certain information, but then Users may be unable to take advantage of some of Our Services. - Account information: If Users would like to add, update, or delete information related to their account, please access the User’s account at the Application to do so. When Users update or delete any information, We usually keep a copy of the previous version for technical reasons. - Contact: If the User does not want to receive advertising content from Us, please submit a refusal of advertising services according to the instructed syntax (or other method as specified in the relevant contract with the User). - Advertising: If Users do not want to see interest-based advertising, please select “Unsubscribe” in the promotional email received or disable app push notification directly from the Users’ device setting. Alternatively, Users may also send an email to support.ph@greensm.com. - Browsers and devices: The Help feature on most browsers and devices will tell Users how to prevent their browser or device from accepting new cookies, how to have their browser notify them when they receive new cookies, or how to disable cookie functionality completely.

If the User is under 18 years of age, the User must obtain the consent of his/her parent or guardian before entering into a contract and accepting this Privacy Policy.

As a data subject whose Personal Information will be collected and processed by Us, in accordance with DPA, and its Implementing Rules and Regulations, Users may have the following rights: - To be informed whether their personal data shall be, are being, or have been processed, including the existence of automated decision-making or profiling, if any. - To inquire about the process of their personal data and to be provided with a copy of it. - In some cases, to request the correction and/or deletion of their personal data. - To withdraw their consent to the processing of their personal data within Our possession or control (where We are processing User’s personal data based on their consent). - To request the receipt or transmission to another organization, in a machine-readable form, of the personal data that they have provided to Us (where We are using User’s personal data based on consent or performance of a contract), and - To lodge a complain with the relevant data privacy authority if their data privacy rights are violated, or if they have suffered detriment as a result of unlawful processing of their personal data. - To be indemnified, upon valid decision, for any damages arising from the inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of their personal data, or any violation of their data privacy rights.

If Users have any questions about privacy at greengsm.ph or would like to contact our information control unit, please contact Us and We will endeavor to answer Users’ questions. Users can also contact Us at the address below: GREEN AND SMART MOBILITY PHILIPPINES INC. (Attention: Data Privacy Officer) 12 FLOOR FIVE E-COM CENTER HARBOR DRIVE COR. BAYSHORE, MALL OF ASIA COMPLEX BRGY. 76, PASAY CITY 1300 Email: support.ph@greensm.com Our business is constantly changing, and this Privacy Policy may also be amended. Users should visit and check Our website regularly to stay informed of the most recent changes. Unless otherwise specified, Our current Privacy Policy applies to all personal information about User and User’s account that We hold. Modifications to this Policy shall in no case reduce the level of protection of personal information collected previously without notifying the relevant User and giving User the right to choose.

Users have the right to submit complaints about the disclosure of personal information to third party to support.ph@greensm.com. Upon receiving the complaint, We will verify the information, provide an explanation for the disclosure, if any, and guide the Users on restoring and securing their information. We are committed to actively supporting Users in resolving complaints related to the misuse of personal information. The following process outlines the steps we take: - Step 1: Our Customer Service Center will receive User’s complaints, promplty address them, ensuring immediate responses based on Our established policies. - Step 2: In cases that are complex or not covered by Our published policies, the Customer Service Center will commit to a response of no more than seven (7) days. - Step 3: We will transfer the resolution results to the relevant departments for implementation and follow up with the User to confirm that the complaint has been resolved. Users can submit their complaints at: GREEN AND SMART MOBILITY PHILIPPINES INC. (Attention: Data Privacy Officer) 12 FLOOR FIVE E-COM CENTER HARBOR DRIVE COR. BAYSHORE, MALL OF ASIA COMPLEX BRGY. 76, PASAY CITY 1300 Email: support.ph@greensm.com