Privacy Choices & Data Rights

Effective Date: November 22, 2025

This Privacy Choices section (“Policy”) is published by Abacus Global Internet Services Ltd. (AGIS) and its subsidiaries, including Abacus Global Holdings Ltd. (“we,” “our,” “the Company”). This Policy explains the rights available to users (“you,” “data subjects”) under global privacy frameworks and outlines how such rights may be exercised.

1. Disclaimer & User Responsibility

By using the Platform, you acknowledge and agree that:

• You are solely responsible for submitting accurate, complete, and verifiable requests.
• You understand that exercising privacy rights may require identity verification.
• The Company is not liable for delays, processing errors, misdeliveries, unverifiable information, or third-party service issues that impact your request.
• The Company provides privacy rights tools on an “AS IS” and “AS AVAILABLE” basis without any guarantees or warranties of success, timeliness, data deletion completeness, or regulatory interpretation.
• You agree to indemnify and hold harmless AGIS and its affiliates from any claims arising from incorrect submissions, fraudulent requests, unauthorized access, or misuse of your privacy rights.

2. Rights Under GDPR (EU/EEA, UK GDPR)

Eligible users may exercise the following rights where applicable:

• Right of Access: Request a copy of personal data we hold.
• Right to Rectification: Request corrections to inaccurate data.
• Right to Erasure (“Right to be Forgotten”): Request deletion of personal data.
• Right to Restriction of Processing: Request temporary or full restriction.
• Right to Data Portability: Receive data in a structured, machine-readable format.
• Right to Object: Object to certain types of processing where allowed by law.
• Right Not to Be Subject to Automated Decision-Making: Request human review.

To exercise GDPR rights, email: [email protected].

3. Rights Under CCPA/CPRA (California)

California residents may exercise the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: Request categories and specifics of collected personal data.
• Right to Delete: Request deletion of personal information, subject to exceptions.
• Right to Opt Out of Sale/Sharing: Prevent your data from being “sold” or “shared.”
• Right to Correct: Request correction of inaccurate information.
• Right to Limit Use of Sensitive Data: Restrict certain processing of sensitive info.

Do Not Sell or Share My Personal Information:
Click here to submit an opt-out request.

4. Additional Global Rights

This Policy also accommodates rights under international regulations where applicable:

• LGPD (Brazil) – confirmation, data access, correction, anonymization, portability.
• PIPEDA (Canada) – access, correction, withdrawal of consent.
• PDPA (Singapore, Thailand) – access, correction, withdrawal, objection.
• Australian Privacy Act – access, correction rights.
• UK Online Safety regulations where processing is relevant.

5. Identity Verification Requirement

For security and fraud prevention, all privacy-related requests require verification. You may be required to provide:

• Your account email
• Username (if applicable)
• Device metadata or request reference IDs
• A signed statement confirming that you are the data subject or authorized representative

We may deny requests that are unverifiable, abusive, fraudulent, repetitive, or otherwise non-compliant with applicable law.

6. How to Submit Requests

You may submit requests to:

Email: [email protected]
Alternative Email: [email protected]

Please include:

• Full name
• Jurisdiction (e.g., EU, California, Canada)
• Specific right you wish to exercise
• Email or username associated with your account
• Details of the request (e.g., what to delete, what to correct)

Processing Time: Up to 30–45 days depending on jurisdictional requirements.
Extensions may be applied where legally permissible.

7. No Liability for Third-Party Data or Platforms

The Company is not responsible for:

• Data collected by third-party apps, advertisers, or analytics systems
• Browser extensions, plugins, or VPNs affecting data signals
• ISP-level, device-level, or OS-level data retention
• User misconfiguration of privacy settings
• Unauthorized access caused by user negligence

Users assume full responsibility for third-party interactions.

8. Withdrawal of Consent

Where processing is based on consent, users may withdraw consent at any time. Processing prior to the withdrawal remains lawful. Some services may become unavailable after withdrawal.

9. Retention & Exceptions

Deletion rights do not apply where data must be retained for:

• Legal obligations
• Security, fraud prevention, or abuse detection
• Compliance with 18 U.S.C. § 2257 and other regulatory mandates
• Internal recordkeeping required by corporate governance

10. Annual Review & Updates

This Policy is reviewed annually in accordance with the AGIS Corporate Compliance Framework and may be revised at any time. Continued use of the Platform constitutes acceptance of the updated version.