CoreLedger AG, Im alten Riet 102, 9494 Schaan, 9494 Schaan, Phone. +423 770 01 97 (hereinafter referred to as "CoreLedger AG") provides identity services for user authentication. CORELEDGER Identity services are used by Partner companies (hereinafter referred to as "PARTNERS") used to grant access to their services or applications. CORELEDGER is responsible for processing the personal data provided by you when signing up for our services or when signing up for the services of our partners or generated as a result of using our services or the services of our partners. CORELEDGER is responsible within the meaning of the Basic Data Protection Regulation (Art. 13, Sect. 1 DSGVO). Signing up for and usage of our services is done via our website or the websites of our partners or smartphone app or tablet app of our partners. Summing up hereinafter we refer to all ways of intereacting with CoreLedger Identity Services as Application or Applications. The protection of your data is very important to CORELEDGER AG. This data protection declaration was created for the sake of transparency. This data protection declaration is divided into sections (hereinafter referred to as "sections"), each of which deals with a specific topic so that you can immediately find the topic you are looking for and concentrate on it.

A - Type of Data Processed

Data collected by the application is listed below.

Identification-, contact- or other personal data

When you create an account to log into the application, CoreLedger AG may ask you for the following information: first name, last name, gender, contact details, month and year of birth, shipping address, payment method, and age of the recipient in the event of purchasing goods and/or services; Additional information may be collected in the management of all relationships through the use of the application.

Navigation Data and logfiles

The computer systems and software used for the application collect data that is included due to the use of Internet communication protocols. This information is not collected by CORELEDGER AG in order to be associated with data subjects; nevertheless, by its nature it could contribute to the identification of data subjects. This category of data includes the IP addresses or domain names of the computers used by users when they connect to the application, URI (Uniform Resource Identifier) addresses, addresses of the services requested, the time of the request, the method used to direct the request to the server, the size of the file received in response, the numerical code indicating the status of the response sent by the server (good result, error, etc.) and other parameters related to the user's operating system and computer.

The purpose of this data is merely to collect anonymous statistical information regarding the use of the application, to verify its proper functioning and to identify anomalies and/or misuse. Except in cases where the data is used to determine responsibility for a possible computer crime against the application or third parties, the data will not be stored for longer than necessary to fulfill the purpose of their collection.

B - Processing of Personal Data of Children under 16 Years of Age

Children under the age of 16 or under the age set by national legislation at which they can give their consent to the processing themselves, or in any case no younger than 13 years of age, may not register for the applications in order to access the areas reserved for the registered user.

Users who do not indicate their age will be treated as minors under the age of 16 or in accordance with the laws of the country they indicated when registering and may therefore not access the areas reserved for the registered user of the Applications. Children under the age of 18 may not purchase any goods or services on our application.

C - Purposes of the Processing of Personal Data (Art. 13 Abs. 1 Bst. c DSGVO)

We will process your data for the following purposes:

• Fulfilling the contractual obligations that we have towards you and you towards us, such as carrying out procedures relating to the management of our relations with you (e.g. managing responses to enquiries received via the contact forms; releasing password-protected areas in the applications; assisting with the loss of the login/password data of your personal account for the applications).
• Fulfilling the contractual obligations that we have towards the partners of CORELEDGER, such as identifying and authentificating you as the legitimate user of the services of our Partner or multiple partners
• Compliance with legal requirements;
• Communication via e-mail about similar products or services if you use or have used a service in an application, or if you purchase or have purchased a product or service through the application (soft spam);

D - Legal Basis for the Processing of Personal data, the compulsory/voluntary Provision of Personal Data and the Consequences of Nonprovision. (Art. 13 Abs. 2 Bst. e)

The legal basis for the processing of personal data is the correct execution of the contractual relationship with you (Art. 6 Abs. 1 Bst. b DSGVO). Failure to provide the data necessary for this purpose, or the inaccuracy of the data provided, make it impossible for CoreLedger AG to provide the service and to process the contractual relationship.The provision of the data and the related processing is also necessary for CORELEDGER AG in order to fulfil its legal obligations (Art. 6 Abs. 1 Bst. c DSGVO).

If you provide CoreLedger AG with your data, we must process them in accordance with the applicable laws, which may include storing and disclosing them to the relevant authorities to fulfil legal obligations (e.g. data protection law, personal and company law (PGR) or tax laws and tax treaties).

The provision of data and related processing for marketing purposes is based on your explicit consent (Art. 6 Abs. 1 Bst. a DSGVO), which is given via a special checkbox. You are not obliged to give this consent to CoreLedger AG and you are free to withdraw it at any time without consequences. You can revoke your consent for this purpose in accordance with the section "Rights of the data subjects".

E - Disclosure of Data

The data will be disclosed to the employees of CoreLedger AG or their contractors who are responsible for the development and administration of the applications as to partners, which contracted services from CoreLedger. These employees, who are bound to secrecy or have received a corresponding legal obligation, are entitled to process this data in order to pursue the aforementioned objectives.

Data may be passed on, used and transferred for accounting and administrative purposes within the companies belonging to CoreLedger AG or participating in CORELEDGER AG.

Data will be communicated to third parties who are used as data processors and process data on behalf of CoreLedger AG (e.g. companies responsible for the administration and processing of customer orders, suppliers such as hosting providers with whom it is necessary to cooperate for the purpose of providing services, platform providers for sending e-mails or suppliers who carry out technical maintenance, suppliers who develop interactive games and competitions).

Data may also be disclosed to third parties with whom CoreLedger AG has an ongoing contractual relationship regarding services necessary for the performance (delivery services for the delivery of products, audit firms, persons or companies that support and advise us in this area).

Finally, data will be disclosed on request to the competent tax authorities or to other public bodies in accordance with the legislation in force.

F - Data Transmission

Since CoreLedger AG is represented internationally, some of your data may be passed on to recipients outside the European Economic Area, such as those mentioned in the previous section. CORELEDGER AG ensures that the processing of your personal data is carried out by these recipients in accordance with the applicable legislation. For this reason, the data transfers are carried out within the framework of adequacy decisions

G - Storage Period of Personal Data

The data processed for the purpose of providing services and fulfilling contractual obligations will be stored by CoreLedger AG only for the period of time necessary for the performance of the requested service and for the correct fulfilment of the contractual relationship with you. As these data are processed in order to provide you with the service and to fulfil the contract, CoreLedger AG may store them for a longer period of time, in particular as long as may be necessary to protect CORELEDGER AG's interests against possible claims arising from the provision of the service.

In any case, CoreLedger AG will stipulate that the storage period in connection with orders and purchases made by you shall be 24 months. In addition, CoreLedger AG specifies that it will retain your authentication data for the services of the application for up to 48 months from the last login. After the end of this period, the data will be anonymized.

Your requests and the data they contain, collected through the Contacts/Customer Service section of the Applications, will be stored for one year after the request has been completed so that CORELEDGER AG can process any additional requests received after the request has been completed. At the end of this period, data enabling the identification (including indirect identification) of a natural person (such as first name, surname, e-mail) will be stored anonymously and only in the form of aggregated data for statistical purposes. The data processed for the purpose of complying with legal regulations (z.B. Datenschutzgesetz, Personen- und Gesellschaftsrecht (PGR), Allgemeines Bürgerliches Gesetzbuch (ABGB) oder Steuergesetze und Steuerabkommen) will be stored by CORELEDGER AG for the period stipulated by law.

The data processed for marketing and profiling purposes will be stored by CoreLedger AG until the date of revocation of consent. As soon as you have withdrawn your consent, CoreLedger AG will no longer use your data for these purposes, but may restrict data processing, in particular for as long as may be necessary to protect CoreLedger AG's interests against possible claims arising from the provision of the service.

CoreLedger AG informs you that in order to comply with the storage limitation, the data processed for marketing and profiling purposes will be retained for the purpose of calculating compliance with authentication data for a maximum of 48 months after the last login.

H - Rights of Data Subjects (Art. 13 Abs. 2 Bst. b DSGVO)

As a data subject, you have the right at all times:

• to request information about your data (and/or a copy of such data) (Art. 15 DSGVO);
• to request the correction or updating of your data processed by CORELEDGER AG if they are incomplete or out of date (Art. 16 DSGVO);
• request the deletion of your data from CoreLedger AG's databases if their processing is unnecessary or unlawful (Art. 17 DSGVO);
• request CORELEDGER AG to limit the processing of your data if the data is inaccurate, unnecessary or unlawfully processed, or if you have already refused to do so (Art. 18 DSGVO);
• exercise data transferability (i.e. the right to obtain a copy of the personal data you have provided to CoreLedger AG), (Art. 20 DSGVO);
• refuse to process your personal data by using a legal basis relating to your particular situation which, in your opinion, prevents CoreLedger AG from processing your personal data (Art. 21 DSGVO);
• Withdraw your consent for marketing and profiling purposes and refuse processing for Soft Spam purposes (Art. 7 Abs. 3 DSGVO). We remind you that your explicit consent to send promotional communications for marketing and profiling purposes extends not only to automated systems without operator intervention (e.g. e-mail), but also to traditional contact methods such as postal mail. It is possible to withdraw consent to such processing at any time, even in separate ways. For example, you may decide to receive such communications only by post and not through automated systems such as e-mail.

Please note that the data that you have provided to CoreLedger AG can be changed at any time via the "Change data" section of the application or by sending a written message to: [email protected]. You can exercise the above rights by using the above methods.

We inform you that you may at any time by writing to the above email address to opt out of receiving this promotional information for marketing purposes or, if you receive communications from IT-Tools, follow the procedure indicated in light green (via the "Opt Out" button).

Consent to profiling may be revoked at any time by changing the favorites of the user profile that can be created in the application or by sending a written notice to the above email address.  CoreLedger AG also informs you that you are entitled according to Art. 13 Abs. 2 Bst at any time to file a complaint with the competent supervisory authority (in particular in the member country of your regular residency, your workplace or the place of the assumed infringement (in particular the data protection authority in Liechtenstein) if you are of the opinion that the processing of your personal data does not comply with the currently applicable legislation.

Should you require further information, you can contact CoreLedger AG in writing at the following address: [email protected]

I - Modification of the Privacy Policy

This version 1.0 of the privacy policy is valid from 14 March 2019. CoreLedger AG reserves the right to partially or completely modify or simply update its content, also due to changes in the applicable legislation. CORELEDGER AG will inform you about these changes as soon as they are introduced.

User Agreement for the CoreLedger Identity Services

General Information

The use of the Identity Services via web or integrated authentication mechanisms requires the prior consent to the following usage agreement between CoreLedger AG, Im alten Riet 102, 9494 Schaan (hereinafter CoreLedger AG) as provider of the Identity Services and the user. We therefore ask you to read the user agreement for the Identity Servicescarefully before navigating on the Identity Servicesand using the services it offers.

1. Scope

The Identity Services are provided by CoreLedger AG. The Identity Services are a platform to create user accounts for applications of third parties. The identity services can either be used via PC or mobile devices (mobile phones, tablets) and is aimed at users residing inside and outside Liechtenstein.

The terms and conditions of this user agreement shall also apply to any updates, upgrades or updates of the Identity Services provided by CoreLedger AG which replace or supplement the originally licensed version of the Identity Services, unless such update or upgrade or such agreement is subject to a separate license agreement.

Acceptance of the user agreement is effected by creating a user account. The user declares that he has read, understood and accepted the user agreement.

The respective third party, which integrates the Identity Services into its products in order to authenticate the user is not a party to this agreement. However, it is a third-party beneficiary with the right to enforce this user agreement against the user.

2. License and Use of the App

After agreeing to the terms and conditions of the user agreement and as far as permitted by the additional terms and conditions of use and guidelines of the respective third party provider, CoreLedger AG grants the user the non-exclusive, personal, non-transferable, revocable right to use the Identity Services for private, non-commercial purposes exclusively on your own (i.e. owned by the user or otherwise under the control of the user) devices (i.e. PCs, notebooks, mobile devices) and in accordance with the authorization by the third party provider operator.

When creating a user account, the user is asked to provide a login and a password. This data (hereinafter referred to as login credentials) are required to identify the user and authenticate him for consuming content and offers of third party providers. It is the exclusive liability of the user to keep his login credentials secret. CoreLedger AG is not liable for loss of this data or the illegal usage by any other third parties. However, the user is prohibited from using the Identity Services in any way not provided for in this user agreement without the prior written consent of CoreLedger AG or from transferring or lending it to third parties. Furthermore, you are not entitled to show the Identity Servicesin whole or in part within the framework of a public performance or representation, even if no fee is charged for it. Furthermore, you may not sell, rent, lease, copy, modify, adapt, redistribute, publicly display, transmit, transmit, modify, decompile, reverse engineer, disassemble, obtain the source code, sublicense or transfer the Identity Services to third parties for use or for any of the aforementioned purposes or transfer or assign your rights to third parties without authorization.

You may not sell, rent, lease your login credentials or lend them to any third parties for any of the beforementioned activities or transfer your usage rights to any other third parties.

CoreLedger AG does not charge you for the download, installation or use of the Identity Services. However, costs may be incurred in accordance with the tariffs of the parties, domestic or foreign telecommunications providers chosen by you. Individual functions of the Identity Services may cause the transmission of large amounts of data, so that high transmission fees may be incurred for the transmission of this content via a data connection. If you are not the payer of the mobile device used for the Identity Services, CoreLedger AG assumes that you have the payer's permission to use the application.

3. Support, Updates and Deactivation of the App

CoreLedger AG reserves the right to update the Identity Servicesat its own discretion. However, CoreLedger AG is under no circumstances obliged to update the Identity Services.

In principle, CoreLedger AG does not provide any support, maintenance and/or servicing services in connection with the Identity Services. In the event of defects, functional problems or complaints in connection with the Identity Services, these can be reported via the corresponding e-mail address ([email protected]). CoreLedger AG can provide the Identity Serviceswith a function that deactivates it completely or partially, temporarily or permanently. CoreLedger AG is entitled to this right without prior notice, without giving reasons and without any compensation to the user. There is therefore no entitlement to continued use of the Identity Services.

4. Exclusion of Warranty and Liability

CoreLedger AG provides you with the Identity Servicesas seen, i.e. "as-is". Using the Identity Services is entirely at your own risk. Both CoreLedger AG and the App Store operators hereby completely exclude (both tacit and explicit) warranty for the Identity Servicesand make no other (tacit or explicit) promises, warranties or assurances with regard to the Identity Services.

In particular, you do not warrant that: (i) the Identity Servicesfunctions or is available without errors or interruptions at all times or that errors are corrected; (ii) the downloading, installation and use of the Identity Serviceswill not lead to losses, data damage, attacks by third parties, infestation with viruses or other malicious software, unwanted interventions, hacking or other security-relevant disruptions (e.g. reading or changing of data by third parties). You as the user are solely responsible for the data backup of your system, including the Identity Services stored on your system.

The liability of CoreLedger AG for direct, indirect or special damages or consequential damages arising from the use of the services, the webpage or linked pages and applications, including without limitation damages such as loss of profit or revenue, interruption of business or professional activities, loss of programs or other data stored on your device is hereby waived to the extent permitted by law.

The Identity Servicesis offered via mobile networks and nodes that are not controlled or operated by CoreLedger AG. For this reason, CoreLedger AG is not liable for a failure of the application or for difficulties or non-functioning of downloads or content or other errors resulting from third party networks or nodes not functioning. The operators of the nodes are also not liable to the user for a failure of the application or for difficulties or the non-functioning of downloads or content or other errors.

5. Intellectual Property Rights

All copyrights, trademark rights and other intellectual property rights in connection with the Identity Services are the exclusive property of CoreLedger AG and its licensors. In particular, the entire content of the Identity Services is protected by copyright. All rights with regard to the Identity Services, which are not expressly granted to you within the framework of the user agreement, remain with CoreLedger AG and its licensors. The unauthorized use, reproduction or reproduction of the content or parts of the content of the Identity Services is prohibited. No legal, copyright, trademark or other notices may be removed from the Identity Services.

6. Transmission of Data and Data Protection

In your capacity as a user, you agree that CoreLedger AG may obtain, collect, process and use anonymous tracking data for the purpose of optimizing the Identity Services and for statistical purposes when using the Identity Services. The tracking data does not allow any conclusions to be drawn about the user and is merely intended to provide general information about the user's behaviour. These data form the basis for statistical, anonymous evaluations and serve the continuous improvement of the Identity Services. In order to be able to offer user-specific and market-driven offers, they agree that CoreLedger AG may collect and process their necessary data on the use of the Identity Services. Our data protection declaration is available at: https://coreledger.net/privacy-policy/

7. Termination

The license is valid until the user or CoreLedger AG can cancel it at any time. Your rights as a user under this License will terminate automatically or immediately without notice from CoreLedger AG if you violate this User Agreement. After termination or automatic termination of the license, you are obligated to cease all use of the Identity Services and to destroy any copies of its content.

8. Current Version

For the use of the Identity Services, the current version of the user agreement applies (current version: 12.03.2019). CoreLedger AG reserves the right to change or amend these Terms of Use at any time and without prior notice. The continued use of this application after publication shall be deemed acceptance of these changes.

9. Applicable Law and Jurisdiction

The user agreement as well as the use of the Identity Servicesare subject to Liechtenstein law. The Princely Court of Justice, Vaduz, shall have jurisdiction over any disputes arising from or relating to the existence of this agreement. CoreLedger AG may also sue the other party before any other competent court.