Your privacy matters to Epilier Solutions and its affiliates(the “Company”, “we”, “Mezchip”, or “us”). We are committed to protecting your privacy and complying with applicable data protection laws. This Privacy Policy describes the information that we collect through your use of Mezchip services, how we use and disclose such information, and the steps we take to protect such information.

By visiting the Website, or by purchasing or using the company services, you accept the practices described in this Policy.

If you are a visitor to or user of a third-party website or service that utilizes the company's communication or messaging products, then any information you submit to such third-party is collected under the privacy policy of such third-party.

The “Website” means mezchip websites (including [www.mezchip.com](https://www.mezchip.com) and related domains and subdomains), and the “ mezchip services” means mezchip's customer service platform and related products, applications and services. “Customer Data” means any data or information provided by you in connection with your use of the Mezchip Services.

1.Our Services

Mezchip offers an omnichannel customer support platform that are accessible via our websites and mobile applications. This platform allows you to integrate and manage your online store as well as your social media accounts for customer support and management through a single platform. Through this platform, you can provide a better and seamless customer experience by creating tickets, tracking orders, responding to customer queries, social media comments, posts, publish messages; and also analyze the results of these activities. Collectively, we refer to these tools as our “Services”.

Any collection, use, and management of personal information by the social networks, including Facebook, Instagram and Twitter (collectively, the “Social Networks”) are governed by their respective privacy policies and terms. When using Social Networks, you are required to comply with their privacy policies and terms. We recommend you carefully review their privacy policies and terms, as Mezchip is not responsible for the Social Networks.

Any collection, use, and management of personal information by an online store generator, including Wix, Instamojo, Shopify (collectively, the “online store”) are governed by their respective privacy policies and terms. When using an online store, you are required to comply with their privacy policies and terms. We recommend you carefully review their privacy policies and terms, as Mezchip is not responsible for your online stores.

Our Services are not intended for use by children and should only be accessed by individuals who are at least 18 years old and are using the Services for business purposes.

2.What information do we collect?

We collect information about you as reasonably necessary for the following activities:

Using our Services

We collect the following information when you use our Services:

Account information:

Your contact and profile information including your name, email address, organization name, and address; your preferences such as language, time zone, and the types of communication you would like to receive from us; and image (if you choose to provide this). We may also obtain this information if you choose to use a social login service, such as Facebook Login, to create or access your account.

Billing and other payment information (if you sign up for a paid service), including payment method details, such as credit card number.

The Services you have acquired from us, including the type of plan, and transaction information related to the Services.

Content:

Your social profile information for Social Networks you choose to connect to the Services. For example, your Facebook profile information may include your Facebook username and profile image.

A specific location such as an address, a city, or a place (for example, a restaurant) if you choose to share this information.

Your messages, posts, comments, images, advertising, and other material you curate on and upload to the Services; and information that is collected from the Social Networks that you choose to connect to and which is displayed on our Services.

Content that you may send and receive through Social Networks may contain personal information that Mezchip does not directly collect or process. This may include information such as: names, photos, age, gender, geographic location, opinions, preferences, and phone numbers.

Surveys, events, and marketing information

If you choose to participate in our surveys, contests, events (such as webinars and in-person events), or those in which we are affiliated, or request information from us about our Services, we may collect information about you related to the survey, contest, or event; your contact information, such as your name, email address, telephone number, organization name and address; and general information about your organization that you choose to provide, such as annual company revenue, number of employees, and industry.

We may also use service providers to obtain additional business related information about your company such as the organization’s legal name, size, and publicly available revenue, to assist us in offering services that are appropriate to your organization’s needs.

In addition, we may collect information on email open and click rates, including whether individuals clicked on links, and which web pages are visited after opening the email.

Browsing our websites:

When you browse our websites, we collect information about you as described below, some of which is collected automatically:

When you use automated chat functionality (chatbots) to make an inquiry or other request, we may collect information about you such as your name and email address, your specific request, and information related to your use of our Services.

Log data, which may include your IP address, the address of the web page you visited before using the Services, your browser type and settings, your device information (such as make, model, and OS), the date and time when you used the Services, information about your browser configuration, language preferences, unique identifiers, and cookies

Usage data and analytics, which may include the frequency of login, and the different types of activity undertaken by users.

General Location information, such as IP ddress and the region in which you are located when you are logging in and using the Services.

Customer support questions, issues, and general feedback that you choose to provide.

Mezchip and our authorized service providers use cookies and other similar tracking technologies on our websites and Services including web beacons, pixels, and software tokens.

3. How do we use your information?

We use your information for the purposes described below:

Providing and securing our Services

We need to identify and authenticate our users to ensure, for example, that only those authorized users are able to use the Services for their organization, and to make changes to their accounts.

We use information that you provide when signing up to set up your account, process payments, contact you regarding the Services, and manage your account.

We use your contact information and information related to your request to respond to your inquiries, manage our contract with you, respond to your questions and requests, and send you updates and information about the Services.

We use logging and other data such as general location information—for example, the IP address of your browser or device, to help us manage the performance, security and compliance of the Services.

We analyze usage information, your feedback, support queries, and survey responses to help us understand and make improvements to our Services.

Communicating with you

We use your contact information where appropriate to send you information about our Services, events, marketing communications, and job opportunities. We also use your contact information to contact you for administrative purposes such as customer service, to address intellectual property infringement, privacy violations or defamation issues related to the Customer Data or Personal Data posted on the Mezchip Service. We also use email statistics, such as open rates, to assess the effectiveness of, and to make improvements to our communications.Your opt-out options for promotional communications are described below under “Your Choices.”

Improving our websites and applications

We use information about you to help us understand usage patterns and other activities on our websites and applications so that we can diagnose problems and make improvements, including enhancing usability and security.

4. What are your rights regarding the information about you?

Services information

When using our Services, you may access, update, or correct most of your Account information by logging in to your account to edit your profile or organization record.

If you have requests that cannot be carried out by logging in to your account, such as accessing additional information or deleting information about you, please email us at [email protected]. Please note that we may need to retain certain information about you for as long as you maintain an account for our Services, to provide you with our Services, for record keeping purposes, for payment processing, to comply with our legal and regulatory obligations, to resolve disputes, or to enforce the [applicable terms of service] or other agreement in place between you (or your organization) and Mezchip (the “Terms of Service”).

Requests to access, correct, or delete your information will be handled within thirty (30) days unless they are unusually extensive or complex, in which case we will advise you of the expected timeline for handling your request.

If you have authorized us to access your Social Network account, you may revoke this access at any time by changing the settings on your respective Social Network Account. For example, if you have authorized us to access your information of Instagram via the Facebook API services, in addition to our normal procedure for deleting stored data, you may revoke our access to your data via the Instagram account settings page, located at [instagram.com/accounts/manage_access/](http://instagram.com/accounts/manage_access/).

You can contact our Support team for other general requests about your account by emailing us at [email protected]

Marketing emails, advertising and website browsing

For marketing communications, you may opt out of marketing communications sent by Mezchip by clicking on the unsubscribe link in the marketing email you receive.

Your choices

Access and updates

We respect your privacy rights and provide you with reasonable access to the Personal Data that you may have provided through your use of the Mezchip Services. You may access, review, correct, update, change or delete your information at any time by contacting us. We may decline to process requests that are unreasonably repetitive, require disproportionate technical effort, jeopardize the privacy of others, would be extremely impractical, or for which access is not otherwise required.

You may update, correct, or delete your Account information and preferences at any time by accessing your Account settings page. Please note that we may store information for backups, archiving, prevention of fraud and abuse, analytics, due to legal obligations, or if we believe that we have a legitimate reason to do so.

Personal Data that is part of Customer Data is subject to the Customer’s own privacy policy, and any request for access, correction or deletion should be made to the Customer responsible for the uploading and storage of such data into the Mezchip Service.

Opt-out

We will not send you any commercial information unless you at a previous point have actively agreed to such.  If you receive commercial emails from us, you may unsubscribe at any time by following the instructions contained within the email or by contacting us. It may take up to ten (10) business days for us to process your request.

We may provide you with the opportunity to “opt-out” of having Personal Data stored at Mezchip. If you decide to opt-out, we may not be able to provide certain features of the Mezchi Services to you.

Since Mezchip has no direct relationship with the Customers’ users/customers, a person who seeks access to, or wants to correct or delete inaccurate data or withdraw consent for further contact must contact the Customer directly. We will delete, amend or block access to any Personal Data that we are storing only if we receive a written request to do so from the Customer who is responsible for such Personal Data, unless we have a legal right to retain such Personal Data. We reserve the right to retain a copy of such data for archiving purposes, or to defend our rights in litigation.

5. Who has access to your information?

Mezchip does not rent or sell your information. We restrict access to your information to authorized employees and we do not share your information with third parties except in the circumstances explained below.

Employees and Authorized Contractors

Our employees and authorized contractors may need to access information about you when they require this to perform their job. For example, a customer support representative would need access to your account to validate your identity and respond to your question or request; our email communications team would need access to your contact information to ensure this information is sent correctly and any unsubscribe requests are properly managed; and our security staff would need to review information to investigate attempted denial of service attacks, fraudulent account activity, or other attempts to compromise the Services.

All our employees and contractors are required to agree to maintain the confidentiality and protect the privacy of your information.

Service Providers, Authorized Resellers, and Partners

We will share limited information about you to authorized service providers we use for marketing services, communicating with you, managing our customer database, the provision of professional services, and providing and managing the Services (including hosting data centers, securing our Services, and payment processing).

Where you have purchased a service from an authorized reseller or partner, we may provide information about you to (and may receive information about you from) the reseller or partner as necessary to support your use of the service you purchased.

When sharing your information with any of these service providers, resellers and partners, we ensure they agree to obligations consistent with this Privacy Policy and any other appropriate confidentiality and security measures, and only use your information to carry out the Services and your requests.

Social Networks and Third-Party Services

Where you are using our Services and have chosen to connect your Social Networks to the Services, or if you authorize a Third-Party Service to access your account, you are agreeing to provide information about you to the Social Networks and the Third-Party Services under their respective terms and privacy policies.

Successor Entities

If we are acquired by or merge with another entity (in which case we will require such entity to assume our obligations under this privacy policy), if we are involved in a bankruptcy, or if the ownership or control of all or part of our Services or their assets changes, information about you will be transferred to such entities.

Law Enforcement, Government Agencies, and Professional Advisors

We may need to disclose information about you where we believe that it is reasonably necessary to comply with a law or regulation, or if we are otherwise legally required to do so, such as in response to a court order or legal process, or to establish, protect, or exercise our legal rights or to defend against legal claims or demands.

In addition, we may be required to disclose information about you if we believe it is necessary to investigate, prevent, or take action: (a) against illegal activities, fraud, situations involving potential threats to our rights or property (or to the rights or property of those who use our Services), or to protect the personal safety of any person; or (b) regarding situations that involve the security of our Services, abuse of the Services infrastructure, or the Internet in general (such as voluminous spamming, or denial of service attacks).

6. What International data transfers occur under Mezchip?

Under the General Data Protection Regulation (GDPR) and other data protection laws, information about you may only be transferred from your region to other regions if certain requirements are met. For instance, under the GDPR, information about you may be transferred from the European Economic Area (EEA) to outside the EEA if adequate data protections are in place. We may store, process and transfer Personal Data we collect through the Mezchip Services in centralized databases and with service providers located in the U.S. The U.S. may not have the same data protection framework as the country from which you may be using the Mezchip Services. When we transfer Personal Data to the U.S., we will protect it as described in this Privacy Policy.

Mezchip uses third-party service providers, such as managed hosting providers, credit card processors, and technology partners to provide the software, networking, infrastructure and other services required to operate the Services. These third-party providers may process or store personal data on servers outside of the EEA. We rely on the service provider’s registration in the EU-US Privacy Shield and/or standard contractual clauses (if sent to the US) to ensure that information about you is lawfully transferred under EU law.

The Social Networks, online stores and Third-Party Services that you choose to integrate with our Services may collect, store, and process your information from various locations around the world according to their own terms and privacy policies.

7. How do we safeguard your information?

Mezchip maintains industry standard security safeguards to protect your information. This includes ensuring our employees receive appropriate security and privacy training and guidance so they are aware of the measures they need to implement to protect your information.

We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain appropriate administrative, technical and physical safeguards to protect Personal Data against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the Personal Data in our possession. This includes, for example, firewalls, password protection and other access and authentication controls. We use SSL technology to encrypt data during transmission through public internet, and we also employ application-layer security features to further anonymize Personal Data.

However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information you transmit to us or store on the Service, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. If you believe your Personal Data has been compromised, please contact us at [email protected]

If we learn of a security systems breach, we will inform you and the authorities of the occurrence of the breach in accordance with applicable law.

8. How long do we retain your information?

We retain your information only as long as required to provide the Services requested by you, for record keeping purposes, to comply with our legal obligations, resolve disputes, and enforce the terms for the Services.

After it is no longer necessary for us to retain information about you, we will dispose of it in a secure manner or anonymize the information.

9. California privacy rights

Provided you are a California resident, California law dictates that you may request information about any sharing of Personal Data with third-parties for direct marketing purposes. Please see instructions and regulation in the Shine the Light Law. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below.

California law also requires that inform how we respond to a “Do Not Track” signal which some browsers offer to send. At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy notice.

If you are under 18 years of age, reside in California, and have a registered account with the Website, you have the right to request removal of unwanted data that you publicly post on the Website. To request removal of such data, please contact us using the contact information provided below, and include the email address associated with your account and a statement that you reside in California. We will make sure the data is not publicly displayed on the Website, but please be aware that the data may not be completely or comprehensively removed from all our systems .

‍

10.Minors privacy

As stated in our Terms of Service/ the Agreement, the Mezchip Services are not for children under the age of 18, and we do not knowingly collect Personal Data from children under the age of 18 without obtaining parental consent. If you are under 18 years of age, then please do not use or access Mezchip Services. Should we learn that Personal Data has been collected through the Mezchip Services from children under 18 years of age without verifiable parental consent, we will seek to delete this information.

To the extent that a minor has posted content on the Mezchip Services which is available for a group of people, the minor has the right to have this content deleted or removed using options described in this Policy. Even though we will do our outmost to permanently remove content, we cannot guarantee the deletion will be complete.

11. Mezchip's roles under the GDPR and UK data protection laws

Depending on the situation and the type of data involved, mezchip may act as a data controller or a data processor.

Mezchip as a data controller

Mezchip acts as a data controller when we are:

Collecting information from you to set up and administer your Mezchip account (for example, Account information such as your name and email address);

Monitoring usage information on our website;

Managing your contact and other related information to send marketing, Services, and other communications to you;

Responding to a support or general inquiry; and

Recruiting individuals for job opportunities.

Legal bases for processing when Mezchip is a data controller

The legal bases for processing information about you include:

Your consent (for example, when you have provided your information to sign up for an account or for a webinar; or you have provided your employment history when applying for a job). Where we rely on your consent to process personal data, you have the right to withdraw your consent at any time.

It is necessary to perform a contract (for example, we may need your information to fulfill our obligations of providing Services to you under the terms relevant to the Services you have acquired).

Legitimate interest (for example, to provide and maintain the Services to you, to maintain the security of the Services, and to attract new customers to maintain demand for the Services).

In some cases, we may have a legal obligation to process your personal data to comply with relevant laws (for example, processing payroll and tax information to comply with relevant employment and tax legislation); or processing is necessary to protect your vital interests or those of another person (for example, obtaining health-related information during a medical emergency).

Your rights when Mezchip is a data controller

Where Mezchip is acting as a data controller, we have outlined certain rights in the section [“What are your rights regarding the information about you?”]

In addition, you may have the following rights:

Right to object to processing: you may request that Mezchip stops processing information about you (for example, to stop sending you marketing communications).

Right to restrict processing: you may request that we restrict processing information about you (for example, where you believe that this information is inaccurate).

Right to data portability: you may request that we provide you with information Mezchip has about you in a structured, machine-readable, and commonly used format, and you may request that we transfer this information to another data controller.

If you would like assistance on any of the above requests, please email us at [email protected] with details of your request so that we may consider how we can help you.

Mezchip as a data processor

Mezchip does not own, control or direct the use of any of the Customer Data stored or processed by a Customer or user via the Mezchip Services. Mezchip is largely unaware of what Customer Data is actually being stored or made available by a Customer to the Mezchip Service and does not directly access such Customer Data unless authorized by the Customer, or as necessary to provide the Mezchip Services to the Customer and its customers/ users.

Mezchip is not responsible for the content of the Personal Data contained in the Customer Data or other information stored on its servers or its subcontractors’ servers at the discretion of the Customer nor is Mezchip responsible for the manner in which the Customer collects, handles, distributes or otherwise processes such information.

Where you are using our Services and making decisions about the personal data that is being processed in the Services (including selecting the Social Network accounts and your online store you wish to connect to the Services, or uploading and using Content), you are acting as a data controller and Mezchip is acting as a data processor.

There are certain obligations under the GDPR that you have as a data controller, including being responsible for managing Content on the Services. As a data processor, Mezchip will only access and process Content to provide you with the Services in accordance with your instructions (which you provide through the Services), the Terms of Service, the Social Networks’ terms, and applicable laws. As part of delivering the Services, we may process Content to further improve the Services, such as enhancing usability and developing new features.

If you, as a data controller, require Mezchip to agree to data protection requirements under Article 28, GDPR, or under UK data protection laws, Mezchip makes available a data processing addendum that meets these requirements. Please email your customer details (organization name and plan information) with your request to [email protected]

12. Changes to this Privacy Policy

We may make changes to this privacy policy at any time to reflect updates to our Services, applicable laws, and other factors. We will include a prominent notice on this website and/or our Services if we make any material changes, but we encourage you to stay informed by reviewing this policy periodically.

Your continued use of the Mezchip Services after the revised Policy has become effective indicates that you have read, understood and agreed to the current version of the Policy.

13. How to contact us

If you have any questions, concerns or feedback, please email us at [email protected]. If you have any complains or concerns on your data privacy you can write to our Privacy Officer/Data Protection Officer: Priyanka Prasad at [email protected], or send a letter to:

Epilier Solutions, No. 19, 4th C Cross,

Koramangala Industrial, 5th Block Area, Bengaluru, Bangalore,

Karnataka-560095.

If we are unable to resolve your concerns, you also have the right to contact your local data protection authority.