PRIVACY POLICY

This Policy includes HOUSECORE PROPERTY CONSULTING (“HOUSECORE PROPERTY CONSULTING.”, the “Responsible Party”)’s Data Protection and Information Security Policy. HOUSECORE PROPERTY CONSULTING PRIVACY POLICY AND STATEMENT

HOUSECORE PROPERTY CONSULTING is committed to protecting your privacy. You can visit most pages on our website without giving us any Information about yourself. But sometimes we do need Information to provide services that you request, and this Privacy Statement explains data collection and use in those situations. This Privacy Statement only applies to HOUSECORE PROPERTY CONSULTING; it does not apply to other online or offline websites, products, or services. Please read the complete Privacy

Policy and Statement. COMPLIANCE WITH THE PROTECTION OF PERSONAL INFORMATION ACT, ACT 4 OF 2013 AS AMENDED (POPI ACT) This Privacy Policy Statement is subject to the POPI Act and requires the implementation of the Eight Conditions for the Lawful Protection of Personal Information in terms of the Act.


COLLECTION OF YOUR PERSONAL INFORMATION

We will ask you when we need Information that personally identifies you (Personal Information) or allows us to contact you. Generally, this Information is requested when you are registering before entering a contest, ordering e-mail newsletters, signing up for an event or training, or when purchasing and/or registering for any of our products. Personal Information collected by the Responsible Party often is limited to e-mail address, language, country, or location, but may include other Information when needed to provide a service you requested. For example: If you choose a service or transaction that requires payment, such as making a purchase in the Shop area of the website, we will request Personal Information necessary for billing and/or shipping, such as: name, address, telephone number, and credit card number. When you buy and install a new product, we may ask you to register your purchase electronically. We keep this registration Information on file with any Information you've already given us on previous visits to our website. HOUSECORE PROPERTY CONSULTING also collects certain Information from your computer hardware and software. This Information may include: your IP address, browser type, operating system, domain name, access times and referring website addresses. This Information is used for the operation of the service, to maintain quality of the service, and to provide general statistics regarding use of the Responsible Party’s website. HOUSECORE PROPERTY CONSULTING also collects Information about which pages our customers visit within our Web. This website visitation data is identified only by a unique I.D. number, and it is never linked with Personal Information unless a user consent as described below.


USE OF YOUR PERSONAL INFORMATION

We use your Personal Information for the following purposes:

1. To ensure our website is relevant to your needs.

2. To deliver services, such as newsletters, events, training, or software, that you request or purchase.

3. To help us create and publish content most relevant to you.

4. To alert you to product upgrades, special offers, updated Information, and other new services from the Responsible Party, if you so request.

5. To allow you access to limited-entry areas of our website as appropriate. We will merge site-visitation data with anonymous demographic Information for research purposes, and we may use this Information in aggregate to provide more relevant content. In

some limited-entry sections of the Responsible Party, with your approval, we will combine sitevisitation data with your Personal Information to provide you with personalised content. If you decline permission, we will not provide you the personalised service and won’t merge your Personal Information with site-visitation data. We occasionally hire other businesses to provide limited services on our behalf, including packaging, mailing, and delivering purchases, answering customer questions about products or

services, sending postal mail and processing event registration. We will only provide those businesses the Information they need to deliver the service, and they are prohibited from using that Information for any other purpose. HOUSECORE PROPERTY CONSULTING may disclose your Personal Information if required to do so by law or in the good-faith belief that such action is necessary to:

1. conform to the edicts of the law or comply with legal process served on the Responsible Party or the website.

2. protect and defend the rights or property of the Responsible Party and its website; or

3. act in urgent circumstances to protect the personal safety of the Responsible Party’s employees, users of our products or services or members of the public.


CONTROL OF YOUR PERSONAL INFORMATION

When you register, or otherwise give us Personal Information, the Responsible Party will not share that Information with Third Parties without your permission, other than for the limited exceptions already listed. It will only be used for the purposes stated above.

HOUSECORE PROPERTY CONSULTING may send out periodic e-mails informing you of technical service or security issues related to a product or service you requested or confirming that you requested a product or service. You will not be able to choose to unsubscribe to these mailings, as they are considered an essential part of the service you have chosen.


ACCESS TO YOUR PERSONAL INFORMATION

We will provide you with the means to ensure that your Personal Information is correct and current. If you register with HOUSECORE PROPERTY CONSULTING or subscribe to a newsletter, you can review and edit your Personal Information at the Profile page. You will be asked to enter your username and password before viewing your Personal Information. At the Profile page you can:

(1) View and edit Personal Information you have already given the Responsible Party;

(2) Tell us whether you want us to send you marketing Information.

(3) Choose whether you want Third Parties to send you their offers by postal mail.

(4) Subscribe, or cancel subscriptions, to newsletters about our services and products. Some services offered on the Responsible Party’s website may collect Information that is not accessible via the Home or Profile page. However, in such cases, you can access your Personal Information by contacting the Responsible Party as described at the bottom of this statement.


SECURITY OF YOUR PERSONAL INFORMATION

HOUSECORE PROPERTY CONSULTING is committed to protecting the security of your Personal Information. We use a variety of security technologies and procedures to help protect your Personal Information from unauthorised access, use or disclosure. For example, we store the Personal Information you provide in computer servers with limited access that are in controlled facilities. When we transmit sensitive Information (such as a credit card number) over the internet, we protect it using encryption, such as the Secure Socket Layer (SSL) protocol.


PROTECTION OF CHILDREN'S PERSONAL INFORMATION

HOUSECORE PROPERTY CONSULTING is a general audience website and does not knowingly collect any Personal Information from children.


USE OF COOKIES

When someone visits our website, a cookie is placed on the customer's machine (if the customer accepts cookies) or is read if the customer has visited the site previously. One use of cookies is to assist in the collection of the site visitation statistics described above. We also use cookies to collect Information on which newsletter links are clicked by customers. This Information is used to ensure we are sending Information customers want to read. It is collected in aggregate form and never linked with your Personal Information. Web beacons, also known as clear gif technology, or action tags, may be used to assist in delivering the cookie on our site. This technology tells us how many visitors clicked on key elements (such as links or graphics) on the Responsible Party’s website. We do not use this technology to access your personally identifiable Information on our website; it is a tool we use to compile aggregated statistics about the Responsible Party’s website usage. We may share aggregated site statistics with partner businesses but do not allow other businesses to place clear gifs on our website. If you choose to not have your browser, accept cookies from the Responsible Party’s website, you will be able to view the text on the screens, however you will not experience a personalised visit nor will you be able to subscribe to the service offerings on the site.

OPT-OUT PROCEDURE

“Opting-out” in a legal sense means the same as it does in an everyday sense. To “Opt-Out” means you are choosing to no longer participate in something. Opting out becomes significant in a legal sense when you develop a website or app that's legally required to provide a method of opting out to those who use your website or app. Not all business models are required by law to provide an opt-out method for customers. An Opt-Out Policy that lets customers know that they have the ability and right to opt out of

aspects of your website or app, as well as a clear and easy-to-follow method for opting out, are required by law in certain circumstances.


PURPOSE SPECIFICATION OF PERSONAL INFORMATION

Any Personal Information supplied by a Data Subject shall only be collected and used by HOUSECORE PROPERTY CONSULTING for the purpose for which it was originally intended. If the Personal Information will be used for another purpose, consent from the Data Subject will be obtained prior to the use of such Information.

ACCURACY OF PERSONAL INFORMATION

In the event of any changes to the Personal Information of a Data Subject, the Data Subject is under an obligation to inform HOUSECORE PROPERTY CONSULTING of the said changes within a reasonable period.

CHANGES TO THIS POLICY

HOUSECORE PROPERTY CONSULTING will occasionally update this Privacy Policy. When we do, we will also revise the "last updated" date at the top of the Privacy Policy. For material changes to this Policy, the Responsible Party will notify you by placing prominent notice on its website. HOUSECORE PROPERTY CONSULTING reserves the right to amend, alter and terminate this Policy at any time.



6.2 CUSTOMER PRIVACY NOTICE

HOUSECORE PROPERTY CONSULTING (“HOUSECORE PROPERTY CONSULTING.”, the “Responsible Party”) recognises that one of its fundamental responsibilities is to ensure that it protects Personal Information entrusted to it by its customers. This is critical for the maintenance of HOUSECORE PROPERTY CONSULTING’s reputation and for complying with its legal and regulatory obligations to protect the Responsible Party’s customer

Information. The Responsible Party also follows a transparent Policy to handle Personal Information of its customers. In this Policy, Personal Information means any Information that relates to a natural person, which either directly or indirectly, in combination with other Information available or likely to be available with the Responsible Party, can identify such person (e.g., telephone number, name, address,

transaction history etc.). This Policy is in compliance with the Protection of Personal Information Act, Act 4 of 2013.


APPLICABILITY

HOUSECORE PROPERTY CONSULTING collects three types of Information: Personal Information, Sensitive Personal Information and Non-personal Information. Personal Information means any Information that relates to a natural person, which either directly

or indirectly, in combination with other Information available or likely to be available with the Responsible Party, can identify such person, for e.g., telephone number, name, address, transaction history etcetera. Sensitive Personal Information or Information of a person means such Personal Information which consists of Information relating to passwords, financial Information such as bank account or credit card or debit card or other payment instrument details, sexual orientation, physical physiological and mental health condition, medical records and history, biometric Information, details of nominees and national identifiers including but not limited to: account number, bank card details, passport number, income, etc. For customers enrolled in services provided by the

Responsible Party, such as online bill payment, Personal Information about the transaction is collected. Any Information that is freely available or accessible in public domain or furnished under the PAIA or any other law for the time being in force shall not be regarded as sensitive Personal Information or Information for the purpose of this Policy. The Information customers provide online is held by the Responsible Party’s business that maintains the account or is processing the application for a new product or service. Non-Personal Information includes the IP address of the device used to connect to the Responsible Party’s website along with other Information such as browser details, operating system used, the name of the website that redirected the visitor to the Responsible Party’s website, etc. Also, when you browse our site or receive one of our e-mails, the Responsible Party uses cookies and/or pixel tags to collect Information and store your online preferences. This Policy is applicable to Personal Information (including sensitive Personal Information) collected by the Responsible Party directly from the customer or through the Responsible Party’s online portals, electronic communications as also any Information collected by the Responsible Party’s server from the customer’s browser.


ACCURACY

HOUSECORE PROPERTY CONSULTING shall have processes in place to ensure that the Personal Information residing with it is complete, accurate and current. If at any point of time, there is a reason to believe that Personal Information residing with the Responsible Party is 3 incorrect, the customer should inform the Responsible Party in this regard. The Responsible Party shall correct the erroneous Information as quickly as possible.


PURPOSE OF COLLECTION AND USAGE OF PERSONAL INFORMATION

HOUSECORE PROPERTY CONSULTING shall use the Information collected to manage its business and offer an enhanced, personalised online experience on its website. Further, it shall enable the Responsible Party to:

• Process applications, requests, and transactions

• Maintain internal records as per regulatory guidelines

• Provide services to customers, including responding to customer requests

• Comply with all applicable laws and regulations

• Recognise the customer when he conducts online banking

• Understand the needs and provide relevant product and service offers

If a customer does not wish to provide consent for usage of its sensitive Personal Information or Information or later withdraws the consent, the Responsible Party shall have the right not to provide services or to withdraw the services for which the Information was sought from the customer.


DISCLOSURE / SHARING OF INFORMATION

HOUSECORE PROPERTY CONSULTING shall not disclose Personal Information of its customers without their prior consent unless such disclosure has been agreed to in a contract between HOUSECORE PROPERTY CONSULTING and the customer, or where the disclosure is necessary for compliance of a legal obligation. In case the Responsible Party discloses the Personal Information to Third Parties, such Third Parties shall be bound contractually to ensure that they protect customer Personal Information in accordance with applicable laws. The above obligations relating to sharing of Personal Information or Information shall not apply to Information shared with government mandated under the law to obtain such Information or by an order under law for the time being in force. Further, if any Personal Information or Information is freely available or accessible in the public domain, the Responsible Party shall not have any obligations regarding the same. No specific Information about customer accounts or other personally identifiable Personal Information shall be shared with non-affiliated Third Parties unless any of the following conditions is met:

• To help complete a transaction initiated by the customer;

• To perform support services through an outsourced business provided it conforms to the

Privacy Policy of the Responsible Party;

• The customer / applicant has specifically authorised it;

• To conform to legal requirements or comply with legal process;

• The Information is shared with Government agencies mandated under law;

• The Information is shared with any Third Party by an order under the law;

• Enforce the terms and conditions of the products or services;

• Act to protect the rights, interests or property of the Responsible Party or its members or of

other persons.


SECURITY PRACTICES

The security of Personal Information is a priority and shall be ensured by maintaining physical, electronic, and procedural safeguards that meet applicable laws to protect customer Information against loss, misuse, damage and unauthorised access, modifications, or disclosures. Employees shall be trained in the proper handling of Personal Information. When other businesses are used to provide services on behalf of the Responsible Party, it shall ensure that such businesses protect the confidentiality of Personal Information they receive in the same manner the Responsible Party protects. The Responsible Party shall continuously review and

enhance its Security Policies and security measures to consistently maintain a high level of

security.


AMENDMENTS

HOUSECORE PROPERTY CONSULTING shall reserve the right to change or update this Policy or Practice, at any time with reasonable notice to customers on LIBANON RECREATION CLUB’s website so that customers are always aware of the Information, which is collected, for what purpose HOUSECORE PROPERTY CONSULTING uses it, and under what circumstances, if any, HOUSECORE PROPERTY CONSULTING may disclose it. By virtue of this Privacy Policy, the customer assents to collection, use, transfer, disclosure, retention, and other processing of her/his Personal Information, including sensitive Personal Information, as described in this Policy.


RESPONSE TO ENQUIRIES AND COMPLAINTS

HOUSECORE PROPERTY CONSULTING shall encourage customer enquiries, feedback and complaints which shall help it identify and improve the services provided to the customers.


PURPOSE SPECIFICATION OF PERSONAL INFORMATION

Any Personal Information supplied by a Data Subject shall only be collected and used by HOUSECORE PROPERTY CONSULTING for the purpose for which it was originally intended. If the Personal Information will be used for another purpose, consent from the Data Subject will be obtained prior to the use of such Information.


ACCURACY OF PERSONAL INFORMATION

In the event of any changes to the Personal Information of a Customer / Client, the said Customer / Client is under an obligation to inform HOUSECORE PROPERTY CONSULTING of the said changes within a reasonable period.


CHANGES IN THIS POLICY

HOUSECORE PROPERTY CONSULTING reserves the right to amend, alter and terminate this Policy at any time.

6.3 SUPPLIER PRIVACY NOTICE

HOUSECORE PROPERTY CONSULTING (“HOUSECORE PROPERTY CONSULTING.”, the “Responsible Party”)’s Supplier Privacy Policy applies to all Suppliers who receive and Process Personal Information on behalf of HOUSECORE PROPERTY CONSULTING. and forms part of the Agreements between such Supplier and HOUSECORE PROPERTY CONSULTING which refer to this Policy.

NOTIFICATION

a) The Supplier shall immediately inform the Responsible Party in writing of any requests with respect to Personal Information received from the Responsible Party’s employees, customers, or any Third Party. The Supplier shall respond to such requests in accordance with the Responsible Party’s instructions. The Supplier shall cooperate with the Responsible Party if an individual requests access to his or her Personal Information for any reason.

b) Subject to applicable law, the Supplier shall notify the Responsible Party immediately in writing of any subpoena or other Judicial or Administrative Order by a government authority or proceeding seeking access to or disclosure of Personal Information. The Responsible Party shall have the right to defend such action in lieu of and on behalf of the Supplier. The Responsible Party may, if it so chooses, seek a Protective Order. The Supplier shall reasonably cooperate with the Responsible Party in such defence.

c) If the Supplier becomes aware of any Information Security Incident, the Supplier shall, within 24 (twenty-four) hours after becoming aware of such Information Security Incident, notify the Responsible Party’s local Data Protection Officer in writing of such Information Security Incident, specifying the extent to which Personal Information was or is reasonably believed to have been compromised or disclosed. In addition, the Supplier shall (i) perform a root cause analysis thereon, (ii) investigate such Information Security Incident, (iii) preserve all documents, Personal Information and other Information related to the

Information Security Incident and investigation, (iv) provide the Responsible Party with a Remedial Plan, acceptable to the Responsible Party, to address the Information Security Incident and prevent any further incidents, (v) remediate such Information Security Incident in accordance with such approved plan, (vi) conduct a forensic investigation to determine what systems, Personal Information and Information have been affected by such event;

and (vii) cooperate with the Responsible Party and, at the Responsible Party’s request, any law enforcement or regulatory officials, credit reporting organisations, and credit card associations investigating such Information Security Incident. If the Supplier does not provide to the Responsible Party the results and related reporting associated with its forensic investigation or the Responsible Party determines that such Information is not sufficient, then the Supplier shall allow the Responsible Party and its designees to conduct a forensic investigation of the Information Security Incident. The Supplier shall use commercially reasonable efforts to preserve all evidence relating to the Information Security Incident until the Responsible Party has completed such forensic investigation or confirmed to the Supplier that it waives its right to conduct such an investigation. To the extent that the Supplier is unable to preserve any evidence relating to the Information

Security Incident, the Supplier shall create and maintain forensic copies of all such evidence and supporting documentation reasonably necessary for the investigation and prosecution of claims relating to such Information Security Incident.

d) Without limiting the foregoing and notwithstanding anything herein or in the Agreement to the contrary, the Responsible Party shall make the final decision on notifying the Responsible Party’s customers, employees, service providers and/or the public of such Information Security Incident as it relates to the Responsible Party, and the implementation of the remediation plan as it relates to the Responsible Party and the services provided to the Responsible Party under the Agreement. If a notification to any person is required under any Privacy Law, then at the Responsible Party’s option notifications to all persons who are affected by the same event (as reasonably determined by the Responsible Party shall be considered legally required. e) The Supplier will be responsible for the costs and expenses associated with the performance of its obligations in Section II(c) above if the Information Security Incident did not result from the acts or omissions of the Responsible Party or any of its Third Party providers (excluding the Supplier and its designees), and the Supplier shall reimburse the Responsible Party on demand for all Notification Related Costs (as hereinafter defined) incurred by the Responsible Party arising out of or in connection with any such Information

Security Incident. The Responsible Party will be responsible for the Supplier’s reasonable costs and expenses associated with the performance of its obligations in Section II (c) above, other than the costs and expenses associated with the notification required to be provided to the Responsible Party of the Information Security Incident, if the Information Security Incident resulted from the acts or omissions of the Responsible Party, or any of their Third-Party providers (excluding the Supplier). “Notification Related Costs” shall include the Responsible Party’s internal and external costs associated with addressing and responding to the Information Security Incident, including but not limited to: (i) preparation and mailing or other transmission of legally required notifications; (ii) preparation and

mailing or other transmission of such other communications to such persons as the Responsible Party deems reasonably appropriate; (iii) establishment of a call centre or other communications procedures in response to such Information Security Incident (e.g., frequently asked questions and training); (iv) public relations and other similar crisis management services; (v) legal and accounting fees and expenses associated with the Responsible Party’s investigation of and response to such event; and (vi) costs for commercially reasonable credit reporting services that are associated with legally required notifications or are advisable under the circumstances. COMPLIANCE WITH PRIVACY AND INFORMATION SECURITY REQUIREMENTS. a) The Supplier shall comply with all Privacy Laws as they relate to Personal Information subject to this Policy. b) The Supplier confirms that no applicable law, or legal requirement, or privacy or Information Security enforcement action, investigation, litigation, or claim prohibits the Supplier from (i) fulfilling its obligations under the Agreement with the Responsible Party or (ii) complying with instructions it receives from the Responsible Party concerning Personal Information. In the event a law, or legal requirement, or privacy or Information security enforcement action, investigation, litigation or claim, or any other circumstance, is reasonably likely to adversely affect the Supplier’s ability to comply with this Policy, the Supplier shall promptly notify the Responsible Party in writing and the Responsible Party may, in its sole discretion and without penalty of any kind to the Responsible Party, suspend the transfer or disclosure of Personal Information to the Supplier or access to Personal Information by the Supplier, terminate any further Processing of Personal Information by the Supplier, and terminate the Agreement, if the Responsible Party reasonably deems termination necessary to comply with applicable Privacy Laws or to avoid any breach thereof. c) The Supplier shall enter any further privacy, Information security, Personal Information transfer or Personal Information Processing Agreement requested by the Responsible Party for purposes of compliance with applicable Privacy Laws. In case of any conflict between this Policy and any such further Personal Information Privacy or Information Security Agreement, such further Agreement shall prevail about the Processing of Personal Information covered by it.


PERSONAL INFORMATION SAFEGUARDS

a) The Supplier shall develop, maintain, and implement a comprehensive written Information security programme that complies with applicable Privacy Laws. The Supplier’s Information security programme shall include appropriate administrative, technical, physical, organisational and operational safeguards and other security measures designed to (i) ensure the security and confidentiality of Personal Information; (ii) protect against any anticipated threats or hazards to the security and integrity of Personal Information; (iii) protect against any actual or suspected Information Security Incident; (iv) encourage timely

internal reporting of reasonably suspected and actual Information Security Incidents; and (v) facilitate appropriate response by the Supplier to Information Security Incidents. Without limiting the generality of the foregoing, the Supplier’s Information Security Policies shall provide for (y) regular assessment and re-assessment of the risks to the security of Personal Information and systems used by the Supplier to Process Personal Information, including (1) identification of internal and external threats that could result in an Information Security Incident, (2) assessment of the likelihood and potential damage of such threats,

taking into account the sensitivity of such Personal Information and Systems, and (3) assessment of the sufficiency of Policies, Procedures, and Information Systems of the Supplier, and other arrangements in place, to control risks; and (4) protection against such risks. b) If the Processing by the Supplier or its Personnel involves the transmission of the Personal Information over a network, the Supplier shall implement appropriate measures designed to protect the Personal Information against the specific risks associated with such transmission. The Supplier shall ensure a level of security appropriate to the risks associated with such transmission and the nature of the Personal Information Processed or as otherwise required by Privacy Laws. c) The Supplier shall exercise the necessary and appropriate supervision over its relevant Personnel to maintain appropriate privacy, confidentiality, and security of Personal Information. The Supplier shall provide training, as appropriate, regarding the privacy, confidentiality and Information security requirements set forth in this Policy to relevant Personnel who have access to Personal Information. The Supplier shall only retain contractors that the Supplier reasonably can expect to be suitable and capable of performing the delegated obligations in accordance with the Agreement and this Policy. d) Promptly upon the expiration or earlier termination of the Agreement, or such earlier time

as the Responsible Party’s requests, the Supplier shall return to the Responsible Party or its designee, or at the Responsible Party’s request, securely destroy or render unreadable or undecipherable if return is not reasonably feasible or desirable to the Responsible Party (which decision shall be based solely on the Responsible Party’s written statement), each and every original and copy in every media of all Personal Information in the Supplier’s possession, custody or control. Promptly following any return or alternate action taken to comply with this paragraph, the Supplier shall provide to the Responsible Party a completed officer’s certificate certifying that such return or alternate action occurred. In the event applicable law does not permit the Supplier to comply with the delivery or destruction of the Personal Information, the Supplier warrants that it shall ensure the protection and confidentiality of the Personal Information until such time as delivered or destroyed and that it shall not use or disclose any Personal Information after termination of the Agreement.

RIGHT TO MONITOR

a) The Responsible Party shall have the right to monitor the Supplier’s compliance with this Policy. During normal business hours, and without prior notice, the Responsible Party or its authorised representatives may inspect the Supplier’s facilities, equipment and systems, and any Information or materials in the Supplier’s possession, custody, or control, relating in any way to the Supplier’s obligations under this Policy. An inspection performed pursuant to this Policy shall not unreasonably interfere with the normal conduct of the Supplier’s business. The Supplier shall cooperate fully with any such inspection initiated by the Responsible Party. b) The Supplier shall deal promptly and appropriately with any inquiries from the Responsible Party relating to the Processing of Personal Information subject to this Policy.

PURPOSE SPECIFICATION OF PERSONAL INFORMATION

Any Personal Information supplied by a Data Subject shall only be collected and used by HOUSECORE PROPERTY CONSULTING for the purpose for which it was originally intended. If the Personal Information will be used for another purpose, consent from the Data Subject will be obtained prior to the use of such Information.

ACCURACY OF PERSONAL INFORMATION

In the event of any changes to the Personal Information of a Supplier, the said Supplier is under an obligation to inform HOUSECORE PROPERTY CONSULTING of the said changes within a reasonable period.

CHANGES IN THIS POLICY

HOUSECORE PROPERTY CONSULTING reserves the right to amend, alter and terminate this Policy at any time.