1. Information Collection

A. Information Collected

"Personal Information" means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Personal information we collect includes:

Information Provided by You

• Membership Registration: name, email address, password, and optionally gender and birth date.
• Sign in with Google or Apple: name and email address provided by the identity provider.
• Provision of Services or Products: name, email address, phone number, and shipping address of the ordering and/or receiving person.
• Customer Services (inquiries, returns, repairs): name, email address, and details of the inquiry (purchase, payment, repair history).
• Payment: payment card details and billing information processed by our payment partners.
• Refund: name, billing history, and bank or card details required to issue the refund.
• Marketing and Advertising: name, email address, marketing preferences, cookie identifiers.
• Content: photos and other media you upload through participatory features such as reviews.
• Automatically collected technical data: operating system, application version, device model, unique identifiers.

Information Collected When You Use Our Website

• Log information: IP address, log data, time of use, search terms entered by you, pages visited, cookies, purchase and payment records, and access suspension records.

B. Method of Collection

We may collect your information by the following ways:

• web page, written form, telephone, email, tools and cookies for collection of created information
• through trusted partner companies operating on our behalf

C. Retention Period of Personal Information

We keep and use personal information for the period stated when we collected it. We may retain such information for longer if required by applicable law.

We retain and use personal information for members from the date you create an account until the service contract is terminated (including withdrawal from membership or suspension).

Unless required by applicable law or upon a request made by you, we will dispose of information we do not re-use after the period set out in applicable law, or will keep and manage inactive members' information separately from other members. We will notify you 30 days before the date the information is disposed of, or kept separately, by email or other similar method.

The retention period as per applicable law in the Netherlands and the EU:

• Records on display/advertisements: 6 months
• Records on contract and withdrawal: 5 years
• Records on payment and supply of goods: 5 years (Dutch tax law)
• Records on consumer complaints and disputes: 3 years
• Records on computer communications and internet access: 3 months

We may also keep information in accordance with company policy to prevent material damage, crimes, lawsuits, etc., even if not specifically required by law. We will only keep the information, and for the retention period, necessary to achieve that purpose. "Fraudulent Use" means any acts that do not conform to normal e-commerce practices, including illegal acts or taking unfair advantage of the site (for example, habitually or repeatedly cancelling or returning goods without a justifiable reason, repetitive membership withdrawal and re-registration, or participating in sweepstakes using multiple emails).

For fraudulent-use prevention we retain: name, phone number, email, address, and identity-verification result values for up to 5 years.

2. Use of Collected Information

We use the information collected from you for the following purposes:

• Member management and identification
• To detect and deter unauthorized or fraudulent use of or abuse of the service
• Performance of contract, payment, and service fee settlement regarding services demanded by you
• To provide customer service and other services to you
• Improvement of existing services and development of new services
• To notify you of features of the FGHTERS sites or applications and any policy changes
• To help you connect with other users you already know and, with your permission, allow other users to connect with you
• To make statistics on members' service usage, to provide services and place advertisements based on statistical characteristics
• To provide information on promotional events as well as the opportunity to participate
• To comply with applicable laws or legal obligations (including any requests by government)
• To use information with the prior consent of users (for example, marketing communications)

We will obtain consent from you if we need to use Personal Information for any purpose not expressly stated in this Policy.

3. Disclosures of Collected Information

Share of Personal Information

Except for the following cases, we will not disclose Personal Information to a third party:

• Affiliates, partners and service providers. When our affiliates, partners and service providers carry out services such as payment processing, order fulfilment, product delivery, customer communication (live chat, email), marketing, and dispute resolution on our behalf.
• When you provide consent. When you choose to receive information about products and services of certain companies by sharing your Personal Information with those companies; when you allow your Personal Information to be shared with social networking sites or platforms; and in other cases where you give prior consent.
• Required by law. When we are required to disclose information by law, regulation, or by investigative agencies in accordance with applicable procedures.

Sale of Personal Information

We do not sell or rent any of your Personal Information.

Entrusted Processing of Personal Information

To run the FGHTERS Platform we entrust certain personal information to sub-processors in the following categories:

• Payment processors (card payments, refunds, fraud prevention)
• Shipping carriers (order fulfilment and tracking)
• Hosting, CMS, and authentication providers (website, content, account storage)
• Email service providers (transactional and marketing email)
• Customer support tools (ticketing, live chat)

A full list of current sub-processors is available on request — email support@fghters.com.

When we engage a sub-processor we sign an agreement covering the sub-processor's obligations (including that they may only process personal information for the entrusted purpose, restrictions on re-entrustment, our right of audit, and indemnity), and we supervise that the sub-processor processes personal information safely.

We will notify you through this Policy of any material changes to the services entrusted or to the entrusted party.

4. Your Rights

You or your legal representatives, as main agents of the information, may exercise the following rights regarding the collection, use and sharing of Personal Information by us:

• Right to access. You may access information and check the records of the collection, use and sharing of your information.
• Right to rectification. You may request to correct inaccurate or incomplete information.
• Right to erasure. You may request the deletion of your information, except where we are permitted by law to retain it.
• Right to restriction of processing. You may request temporary suspension of processing in case of disputes over the accuracy of information and the legality of processing, or where retention is necessary.
• Right to data portability. You may request that we provide or transfer your information.
• Right to object. You may object to processing of your Personal Information for direct marketing, our legitimate interests, the exercise of official duties and authority, or research and statistics.
• Right to automated individual decision-making, including profiling. You may request that we cease automated processing of your personal information, including profiling, which has a significant impact or legal effect on you.

You also have the right to lodge a complaint with the supervisory authority in the country in which you reside. In the Netherlands this is the Autoriteit Persoonsgegevens (autoriteitpersoonsgegevens.nl).

5. How to Exercise Your Rights

To exercise the rights above, sign in and use the Profile tab on your account page, or send an email to support@fghters.com. We will take measures without delay and notify you of the results. We may reject your request only where there is a proper legal cause or equivalent cause. To fulfil your request, we may need to verify your identity or the authority of the person acting on your behalf.

Please note that we cannot fulfil your request if we cannot verify your identity or the authority of the person authorized to act on your behalf.

Contact: support@fghters.com

6. Cookies

For full details on how we use cookies, see the Cookie Policy tab above.

In summary: our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and allows us to improve our site. We use four categories of cookies: strictly necessary, analytical/performance, functionality, and targeting. By continuing to browse the site, you are agreeing to our use of strictly necessary cookies; analytical, functional, and targeting cookies are loaded only with your consent.

7. Security

We regard the security of Personal Information as very important. We have the following security measures in place to protect your Personal Information from unauthorized access, release, use or modification:

• Encryption of Personal Information — transmitted over HTTPS / TLS connections, sensitive information such as passwords stored in encrypted form.
• Counter-measures against intrusion — protected access zones with controls to prevent leakage or damage from hacking or computer viruses.
• Internal management plan — a documented data-protection plan covering staff access controls.
• Access control and audit logging — we operate access control systems and take measures to prevent forging or alteration of access records.

8. Procedure and Method of Destroying Personal Information

In principle, as soon as the purpose for collecting Personal Information has been achieved, the applicable information will be destroyed without delay.

The procedures, deadlines, and methods are below.

Procedure for disposal

Information you have input is transferred to a separate database (or separate documents for paper) once the purpose has been achieved. According to our internal policy and applicable laws, it shall be stored for a certain period or disposed of without delay.

Deadline for disposal

Once the retention period of your Personal Information has elapsed, or if it is no longer needed because the goal is achieved, the service is cancelled, or the business closes, the information will be disposed of within 5 days from the last date it was needed.

Method of disposal

Personal Information in electronic form is deleted in a way that it cannot technically be recovered. Information on paper is shredded or incinerated.

9. Protection of Personal Information of Children

We do not knowingly collect any information from children under the age set by the laws of the applicable jurisdiction (16 in the EU/Netherlands unless lowered by member-state law). The Website has an age check at registration so that children under that age cannot create an account, and we do not intentionally collect any Personal Information from children. If we become aware that we have collected Personal Information from a child under the applicable age, we will delete that information from existing files.

If we collect any Personal Information from a child under the applicable age for unavoidable reasons, we will follow these additional procedures:

• Verify, using reasonable effort, whether the user is below the age at which consent from a guardian is required, and that the consenting person is authorized.
• Obtain consent from the parents or guardian of the child to collect Personal Information of the child or to send information about FGHTERS products and services.
• Notify the parents or guardian of FGHTERS's policy of privacy protection for children, including the items, purpose and sharing of Personal Information collected.
• Grant to legal representatives of the child the right to access, correct, delete, restrict processing of, and request withdrawal of consent previously given.
• Limit the amount of Personal Information collected to what is strictly necessary for participation in online activities.

10. Modification of Privacy Protection Policy

We have the right to amend or modify this Policy from time to time. If we do, we will post a notice on the bulletin board of the Website (or send individual notice by email).

11. Others

A. Data Transfer to Other Countries

Our business operates globally; we may transfer your Personal Information to sub-processors located in other countries for the purposes expressly stated in this Policy. For places where Personal Information is transmitted, retained, or processed, we take reasonable measures to protect it (for transfers outside the EU/EEA we rely on European Commission adequacy decisions or Standard Contractual Clauses).

B. Third-Party Sites and Services

The FGHTERS Website, products, or services may include links to those of third parties, and the privacy-protection policies of those third-party sites may be different. Users should check the policies of any third party linked from the FGHTERS site.

C. Person in Charge of Protecting Personal Information

For questions about this Policy or to exercise any of the rights above, contact support@fghters.com.