1. General Provisions

1.1. This Privacy Policy denes the procedure for processing and protecng the personal data of

Users of the VoltAge mobile applicaon.

1.2. The personal data controller is PAYCONNECT LLC, registered in accordance with the

legislaon of the Republic of Uzbekistan.

1.3. By using the Applicaon, the User conrms that they have read and understood this Policy.

2. Principles of Personal Data Processing

2.1. Personal data is processed on a lawful and fair basis.

2.2. Only data necessary for the funconing of the service is processed.

2.3. Processing of excessive personal data is not permied.

2.4. The accuracy and relevance of data are ensured.

3. Categories of Data Processed

The Company may process the following categories of data:

- idencaon data (full name);

- contact data (phone number, email);

- account data;

- geolocaon data;

- electric vehicle data (type, model);

- charging session history;

- payment data;

- technical data (IP address, logs, device ideners);

- data on the use of the Applicaon.

4. Purposes of Personal Data Processing

Personal data is processed for the following purposes:

- registraon and idencaon of the User;

- provision of charging services;

- calculaon of cost and processing of payments;

- ensuring security and prevenng fraud;

- improving service quality and analycs;

- compliance with legal requirements.

5. Legal Grounds for Processing

5.1. The User’s consent to the processing of personal data.

5.2. The necessity to perform the agreement (Public Oer).

5.3. Fulllment of obligaons established by law.

6. Automated Data Processing

6.1. The Applicaon uses automated soluons for:

- selecng charging staons;

- calculang charging costs;

- generang recommendaons.

6.2. Such soluons do not produce legal eects without the User’s parcipaon.

7. Transfer of Personal Data to Third Pares

7.1. Data may be transferred to the following categories of recipients:

- payment systems and aggregators (Uzcard, Humo, etc.);

- partners — operators of charging staons;

- contractors ensuring the operaon of IT infrastructure;

- government authories — in cases provided for by law.

7.2. Transfers are carried out in the minimum necessary scope.

8. Cross-Border Transfer of Data

8.1. The Company may carry out cross-border data transfers when using cloud services.

8.2. Such transfers are performed provided an adequate level of data protecon is ensured.

9. Personal Data Retenon Periods

9.1. Personal data is stored no longer than necessary for the purposes of processing.

9.2. Aer the purposes are achieved, the data shall be deleted or anonymized unless otherwise

required by law.

10. Protecon of Personal Data

10.1. The Company applies technical and organizaonal security measures, including:

- access restricon;

- encrypon;

- monitoring and auding.

11. User Rights

The User has the right to:

- obtain informaon about their data;

- request correcon/claricaon of their data;

- withdraw consent;

- request deleon of data within the limits permied by law.

12. Contact

Requests regarding personal data shall be sent using the Company’s contact details.