This summary Privacy Notice (“Summary Notice“) will provide you with a summary of the accompanied, detailed Privacy Notice (hereafter “Full Notice“, together “Summary and Full Notice“) on the data processing activities of BIOBOT SURGICAL PTE LTD 79 Ayer Rajah Crescent, #04-05, Singapore 139955 being the controller of this website or the relevant BIOBOT SURGICAL company responsible for processing your data (the relevant BIOBOT SURGICAL company can be found here ) (“Biobot Surgical“, “our“, “we” or “us“) with respect to individually identifiable information (“Personal Data“) about users of our products and services (including sale of hardware like routers, equipment to cyber security, managed services, international data connectivity, internet services, data center services, cloud-based services, and applications) (“Products and Services“).

This Summary and Full Notice applies to you if you are a user of our Products and Services.

We process the following of your Personal Data collected during your use of our Products and Services: data identifying you, your interaction with us, your account information, information on your use of our Products and Services, information on your equipment in our network, as well as your preferences.

We process your Personal Data for the following purposes: provisioning and administering of services; market research, network, and service enhancement; sharing of rewards and benefits; security and risk management; legal and regulatory requirements; and marketing.

We transfer your Personal Data to our service providers, and, in accordance with applicable law, other governmental authorities, courts, external advisors, and similar third parties, some of the aforementioned recipients located in jurisdictions outside the EU.

Your Personal Data will be deleted once they are no longer needed for the purposes motivating their original collection or as required by applicable law.

You have a number of rights with regard to the processing of your Personal Data, each as per the conditions defined in applicable law, such as the right to have access to your Personal Data, to have them corrected, erased or handed over. Please refer any of your questions to sales@biobotsurgical.com.

This Summary and Full Notice are subject to change. You will be notified adequately of any such changes. Further, you will be notified adequately through further relevant privacy notices (e.g. for specific purposes) in case such is not covered by this Summary and the Full Notice.

If you wish to exercise your data subject rights or if you have any other questions concerning this Summary and Full Notice, please address your request to us. We can be contacted at sales@biobotsurgical.com.

BIOBOT SURGICAL collects personal data to understand your needs better. This helps us to improve our Products and Services and the way we communicate with you.

We know that privacy is important to you and we strive to be as open and transparent as possible in how we serve you.

We conduct our business in compliance with the GDPR and have implemented additional measures to protect your Personal Data.

BIOBOT SURGICAL’s GDPR Policy aims to help you understand how we collect, use, share and protect your Personal Data.

It is important that you read this policy together with any other policy notice we may provide on specific occasions when we are collecting or processing Personal Data about you so that you are fully aware of how and why we are using your data. This policy supplements the other notices and is not intended to override them.

Please note that

• Some of our Products and Services use cookies.
• this Summary and Full Notice is to be read together with our Terms and Conditions of Services – General and applies to all Products and Services provided by any BIOBOT SURGICAL Corporation under the Terms and Conditions of Services – General; and
• different or separate data protection policies may apply to specific Products and Services provided by BIOBOT SURGICAL. Please refer to the relevant terms of use for specific Products and Services for more information.

1. Categories of Personal Data

We process the following Personal Data about you (hereinafter jointly “Your Data“):

• Your full name, your postal address including your street and number, city, zip code and similar data (hereinafter jointly “Contact Data“);
• Your NRIC, FIN, national identity card numbers or passport number, telephone number, e-mail address, date of birth, device ID and IP address and similar data (hereinafter jointly “Identity Data“);
• Bank and credit card details (hereinafter jointly “Payment Data“);
• A note or recording of a call you make to one of our contact centres, an email or letter you send to us or other records of any contact you have with us and similar data (hereinafter jointly “Interaction Data“);
• The subscription services you use or other details related to your account and similar data (hereinafter jointly “Account Data“);
• Phone numbers when you call us or text messages you send to us and vice versa, as well as the date, time and duration of your calls through our network and the approximate location of your mobile device, Information on the performance of your device on our network and similar data (hereinafter jointly “Use of Services Data“);
• Information you share with us on how you would like to be contacted, and your preferred Products and Services and lifestyle activities and similar data (hereinafter jointly “Preferences Data“); and
• Information from fraud-prevention agencies, business directories, credit reference agencies or individuals we believe you have authorised to provide your personal details on your behalf and similar data (hereinafter jointly “Compliance Data“).

Generally, we collect Your Data in the following ways:

Direct interactions such as when you

• Subscribe to our Products and Services;
• Use our network and other Products and Services;
• Register for a specific Product and/or Service (e.g. registering your interest to purchase handsets);
• Sign up for alerts or newsletters;
• Contact us with a question or request for assistance;
• Participate in a competition, lucky draw or survey;
• Visit our websites and applications (through the use of cookies / mobile advertising IDs and other technologies);
• Give us feedback;
• Interact with us on the telephone or in person;
• Register for webinars;
• Attend a conference, exhibition or meeting (e.g. from business cards).

Automated technologies or interactions
As you interact with our Products and Services, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this Personal Data by using cookies, and other similar technologies.

Third parties or publicly available sources
We may receive personal data about you from various third parties and public sources as set out below:

• Contact data, financial data and transaction data from providers of technical, payment and delivery services; and
• Identity and contact data from publicly available sources (such as public social media profiles).

2. Processing purposes

We process Your Data to the extent permitted or required under applicable law, for the following purposes:

• Process your orders and activate or deactivate services, enable us to process bills and payments, respond to enquiries and requests from you or people you have authorized or completed forms for you, authentication, facilitate interconnection and inter-operability with other telecommunications operators (hereinafter “Provisioning Purposes“);
• Develop new Products and Services, as well as personalize the services we offer you, improve our network, for example by looking at usage and mobility patterns, perform market analysis, improve your user experience based on your usage behavior on our Products and Services (hereinafter “Service Enhancement Purposes“);
• Conduct market research and customer satisfaction surveys to improve our customer service, inform you about service upgrades and updates, use marketing and advertising technology to send you information on Products and Services that might be interesting for you, offer rewards and promotions, and share promotional benefits and loyalty programs which you may qualify for, provide updates, offers, invitations to events and deliver relevant advertising, including through voice, SMS and digital advertising (hereinafter “Benefits Purposes“);
• Inform you of service and security issues, prevent and detect fraud or other crimes and recover debts, conduct internal audits and determine creditworthiness, ensure the safety and security of our properties and systems, conduct checks against money laundering, terrorism financing and related risks (hereinafter “Security Purposes“); and
• Meet legal, regulatory and other requirements including providing assistance to law enforcement, judicial and other government agencies (hereinafter “Regulatory Purposes“).

2. Processing purposes

We process Your Data to the extent permitted or required under applicable law, for the following purposes:

• Process your orders and activate or deactivate services, enable us to process bills and payments, respond to enquiries and requests from you or people you have authorized or completed forms for you, authentication, facilitate interconnection and inter-operability with other telecommunications operators (hereinafter “Provisioning Purposes“);
• Develop new Products and Services, as well as personalize the services we offer you, improve our network, for example by looking at usage and mobility patterns, perform market analysis, improve your user experience based on your usage behavior on our Products and Services (hereinafter “Service Enhancement Purposes“);
• Conduct market research and customer satisfaction surveys to improve our customer service, inform you about service upgrades and updates, use marketing and advertising technology to send you information on Products and Services that might be interesting for you, offer rewards and promotions, and share promotional benefits and loyalty programs which you may qualify for, provide updates, offers, invitations to events and deliver relevant advertising, including through voice, SMS and digital advertising (hereinafter “Benefits Purposes“);
• Inform you of service and security issues, prevent and detect fraud or other crimes and recover debts, conduct internal audits and determine creditworthiness, ensure the safety and security of our properties and systems, conduct checks against money laundering, terrorism financing and related risks (hereinafter “Security Purposes“); and
• Meet legal, regulatory and other requirements including providing assistance to law enforcement, judicial and other government agencies (hereinafter “Regulatory Purposes“).

3. Legal justification for the processing of Your Data

Generally, the processing of Your Data is voluntary. However, if you do not provide Your Data, the use of the Products and Services may be different.

Furthermore, we rely on the following legal justifications for the processing of Your Data:

4. Data transfers and recipients and legal justification for such transfers

Recipients:

• Other group companies: We transfer Your Data to other BIOBOT SURGICAL companies, as permitted under applicable data protection law pursuant to Legitimate Interest Justification of BIOBOT SURGICAL to facilitate the contact with you and your queries.
• Third parties: We may transfer Your Data to governmental agencies and regulators, courts, and government authorities, all in accordance with applicable law based on Legal Obligation Justification and to external advisors acting as controllers (e.g., lawyers, accountants, auditors etc.) based on Legitimate Interest Justification.
• Service providers: We contract with third party service providers as part of our normal business operations to provide the Products and Services you have subscribed to (i.e., business partners, vendors, financial institutions to facilitate electronic direct debit payments, credit reference bureaus for preparing credit reports or evaluation of creditworthiness).

A list of data recipients can be requested via our contact details set out below.

Cross-Border Data Transfers

We may transfer Your Data outside of the country you are located. Some recipients of Your Data are also located in another country for which the European Commission has not issued a decision that this country ensures an adequate level of data protection, including Singapore, Australia, the United States of America and India.

By way of entering into appropriate data transfer agreements based on Standard Contractual Clauses (2010/87/EU and/or 2004/915/EC) as referred to in Art. 46(5) GDPR or other adequate means, which are accessible under our contact details set out below, we have established that all recipients located outside the EEA will provide an adequate level of data protection for Your Data and that appropriate technical and organizational security measures are in place to protect Your Data against accidental or unlawful destruction, accidental loss or alteration, unauthorized disclosure or access, and against all other unlawful forms of processing. Any onward transfer is subject to appropriate onward transfer requirements as required by applicable law.

5. Retention periods for and deletion of Your Data

Your Data processed for the purposes hereunder will be stored only to the extent necessary. If a judicial or disciplinary action is initiated, Your Data may be stored until the end of such action, including any potential periods for appeal, and will then be deleted or archived as permitted by applicable law.

In principle, we will retain Your Data as long as required or permitted by applicable law. Afterwards, we will remove Your Data from our systems and records and/or take steps to properly anonymize it so that you can no longer be identified from it.

6. Your statutory rights

Under the conditions set out under applicable law (i.e., the GDPR), you have the following rights:

Right of access
You have the right to obtain from us confirmation as to whether or not Personal Data concerning you is being processed, and, where that is the case, to request access to the Personal Data. The access information includes – inter alia – the purposes of the processing, the categories of Personal Data concerned, and the recipients or categories of recipients to whom the Personal Data have been or will be disclosed.

You have the right to obtain a copy of the Personal Data undergoing processing. For additional copies requested by you, we may charge a reasonable fee based on administrative costs.

Right to rectification
You have the right to obtain from us the rectification of inaccurate Personal Data concerning you. Depending on the purposes of the processing, you have the right to have incomplete Personal Data completed, including by means of providing a supplementary statement.

Right to erasure (right to be forgotten)
You have the right to ask us to erase your Personal Data.

Right to restriction of processing
You have the right to request the restriction of processing your Personal Data. In this case, the respective data will be marked and may only be processed by us for certain purposes.

Right to data portability
You have the right to receive the Personal Data concerning you which you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit that Personal Data to another entity without hindrance from us.

Right to object
You have the right to object, on grounds relating to your particular situation, at any time to the processing of your Personal Data by us and we can be required to no longer process your Personal Data. If you have a right to object and you exercise this right, your Personal Data will no longer be processed for such purposes by us. Exercising this right will not incur any costs.

Such a right to object may not exist, in particular, if the processing of your Personal Data is necessary to take steps prior to entering into a contract or to perform a contract already concluded.

Please note that the aforementioned rights might be limited under the applicable national data protection law. We remain the universal point of contact for your execution of these rights.

Please refer any of your questions to sales@biobotsurgical.com.

In case of complaints, you also have the right to lodge a complaint with the competent supervisory authority, in particular in the member state of your habitual residence or alleged infringement of the GDPR.

Summary and Full Notice last updated: [March 22, 2024]