Privacy Policy

Viacon Marketing and Technologies Inc. (“Company”, “we”, “our”, or “us”), a corporation incorporated under the laws of the State of Delaware, operates the website located at https://viaconprojects.com/viacon_usa (the “Website”), along with related online services, platforms, and tools (collectively, the “Services”).

This Privacy Policy (“Policy”) describes how we collect, use, disclose, and safeguard the personal data of users (“you” or “Users”) who interact with our Services. We are committed to protecting your privacy and handling your personal information in accordance with applicable data protection and privacy laws, including those in effect in the State of Delaware and the United States of America.

We may collect various categories of personal data from or about Users, including, but not limited to:

• Contact information (such as name, email address, phone number);
• Usage data (such as interactions with the Website, access times, pages viewed);
• Location data (based on IP address or device settings);
• Other information provided voluntarily through forms, registrations, or correspondence.

Personal data may be collected directly from you or automatically via technologies such as cookies, tracking pixels, and analytics tools.

We use your personal data to:

• Provide, operate, and maintain the Services;
• Improve and customize user experience;
• Communicate with Users about our Services;
• Conduct marketing and promotional efforts;
• Perform research and data analysis;
• Comply with applicable legal obligations.

This Policy explains our data handling practices, including what information we collect, how we use it, under what circumstances we may share it, and the choices you have in connection with your personal data.

By accessing or using the Services, you acknowledge that you have read and understood this Policy and agree to the Company’s collection, use, and disclosure of your personal data as described herein. If you do not agree to this Policy, you should not access or use our Services.

Definitions

For the purposes of this Privacy Policy, the following definitions shall apply:

Personal Data means any information relating to an identified or identifiable individual, including but not limited to name, contact information, online identifiers, location data, and other data that can be used to identify a natural person.

User/Visitor means any individual who visits or uses the Company's website located at https://viaconprojects.com/viacon_usa/ or any related online services (collectively, the "Services").

Company means Viacon Marketing And Technologies Inc., the entity responsible for the collection, use, and disclosure of Personal Data as described in this Privacy Policy.

Cookies means small data files stored on a User's device that allow the Company to collect certain information and track User activity on the Services.

Analytics Tools means software or services used by the Company to collect and analyze data about User behavior and interactions with the Services, such as Google Analytics, Zoho CRM (Web forms, clarity, pixel), etc.

Third-Party Vendors or Service Providers means companies or individuals hired by the Company to provide services, such as hosting, data analysis, marketing assistance, or other services related to the operation of the Services.

Data Controller means the entity that determines the purposes and means of processing Personal Data, typically the Company.

Data Processor means an entity that processes Personal Data on behalf of the Data Controller.

Consent means any freely given, specific, informed, and unambiguous indication of a User's wishes by which they signify agreement to the processing of their Personal Data.

Sensitive Personal Data or Special Categories of Personal Data means information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, or data concerning a person's sex life or sexual orientation.

Collection of Personal Data

The Company collects various types of personal data from Users when they interact with the Services, including but not limited to:

• Contact information, such as name, email address, and phone number.
• Business information, such as company name and industry.
• Usage data, such as IP address, browser type, device information, and other technical data.
• Location data.

Personal data may be collected directly from Users through various means, including but not limited to:

• Registration forms, contact forms, or other forms completed by Users.
• Interactions with the Services, such as account creation or submission of inquiries.

The Company may also collect personal data automatically through the use of cookies, web beacons, and other similar tracking technologies. For more information about the Company's use of cookies and other tracking technologies, please refer to the "Cookies and Tracking Technologies" section of this Policy.

In some cases, the Company may obtain personal data from third-party sources, such as data brokers, public databases, or other legitimate sources.

The Company does not intentionally collect sensitive personal data, such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, or data concerning a person's sexual orientation, unless such data is provided voluntarily by Users or is necessary for the provision of the Services.

The Company does not knowingly collect personal data from children under the age of 13 without parental consent. If the Company becomes aware that it has collected personal data from a child under the age of 13 without parental consent, it will take reasonable steps to delete such data as soon as possible.

The Company will provide clear and transparent notice to Users about the collection and use of their personal data through this Privacy Policy, just-in-time notices, or other appropriate means.

Use of Personal Data

The Company collects and uses personal data from Users for the following purposes:

• To provide, maintain, and improve the Services, including to process transactions, authenticate Users, and enable User participation in the features and functionalities of the Services;
• To communicate with Users and respond to inquiries, and provide customer support;
• To personalize User experiences and deliver content and advertising tailored to User interests and preferences;
• To conduct research and analysis, monitor and analyze trends and usage, and develop new products and services;
• To market and promote the Company's products and services, including through email marketing, targeted advertising, and other marketing channels;
• To detect, prevent, and respond to fraud, unauthorized access, or other misuse of the Services;
• To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

The Company relies on the following lawful bases for processing personal data:

Consent: The Company may process personal data based on User consent for specific purposes, such as marketing communications or certain data processing activities;

Performance of a contract: The Company may process personal data as necessary for the performance of a contract with Users, such as providing the Services or processing transactions;

Legitimate interests: The Company may process personal data based on its legitimate business interests, such as improving the Services, conducting research and analysis, and marketing its products and services, while ensuring that such interests are not overridden by User interests or fundamental rights and freedoms;

Compliance with legal obligations: The Company may process personal data as necessary to comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

The Company does not engage in automated decision-making or profiling that produces legal or similarly significant effects concerning Users.

The Company does not intentionally collect or process sensitive personal data or special categories of personal data, such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, or data concerning health or or sexual orientation.

The Company retains personal data for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. The Company periodically reviews and disposes of personal data that is no longer necessary for the identified purposes.

The Company may share personal data with third-party service providers, affiliates, and partners who assist in providing the Services, conducting business operations, or performing other functions on behalf of the Company. These third parties are obligated to maintain the confidentiality and security of personal data and are prohibited from using personal data for any purpose other than the specific purpose for which it was shared.

Users have certain rights and choices regarding their personal data, including the right to access, correct, update, or request deletion of their personal data. Users may also have the right to object to certain processing activities or withdraw consent for specific processing activities. Users can exercise these rights by contacting the Company using the information provided in the "Contact Us" section of this Policy.

Sharing and Disclosure of Personal Data

The Company may share or disclose personal data collected from Users with third parties in the following circumstances:

Third-Party Service Providers: The Company may share personal data with third-party service providers to facilitate the operation and improvement of the Services. These service providers are bound by contractual obligations to protect the confidentiality and security of personal data. Examples of such service providers include hosting providers, analytics providers, marketing and advertising partners, and customer support providers.

Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of the Company's assets, personal data may be disclosed to the acquiring entity or parties involved in the transaction.

Legal Compliance and Protection: The Company may disclose personal data when required by law, court order, or other legal process, or to protect the rights, property, or safety of the Company, its Users, or others.

The Company may share personal data with third parties for purposes other than those described in this Policy, but only with the User's prior consent.

The Company may share anonymized or aggregated data with third parties for analytics, research, or other purposes, as long as the data cannot reasonably be used to identify individual Users.

Personal data may be transferred to countries or territories outside of the User's home country or region, subject to appropriate safeguards and legal mechanisms to ensure the protection of personal data, such as standard contractual clauses or other legal mechanisms as required by applicable data protection laws and regulations.

The Company is not responsible for the privacy practices of third-party websites, applications, or services that may be linked to or integrated with the Company's Services. Users are advised to review the privacy policies of such third parties before providing any personal data.

Data Transfers

Cross-border Data Transfers. The Company may transfer personal data to countries or regions outside of the United States, including to third parties and service providers located in other jurisdictions. In such cases, the Company shall ensure that appropriate safeguards are in place to protect the personal data and comply with applicable data protection laws and regulations.

Adequacy and Safeguards. The Company shall only transfer personal data to countries or regions that are deemed to provide an adequate level of data protection, or where appropriate safeguards are implemented, such as Standard Contractual Clauses, Binding Corporate Rules, or other legally recognized mechanisms.

Third-Party Recipients. In the event that personal data is transferred to third parties located outside of the United States, the Company shall ensure that such third parties are contractually obligated to provide an adequate level of data protection and to process the personal data only for the purposes for which it was transferred.

User Consent and Choices. Where required by applicable laws, the Company shall obtain explicit consent from users before transferring their personal data to a country or region outside of the United States. Users shall also be provided with options to opt-out or limit such cross-border data transfers, where feasible.

Legal Basis for Transfers. The Company may rely on various legal bases for cross-border data transfers, including contractual necessity, legitimate interests, explicit consent, or compliance with legal obligations or court orders.

Data Protection Safeguards. The Company shall implement appropriate technical and organizational measures to protect personal data during cross-border transfers, such as encryption, access controls, and other security measures commensurate with the risks involved.

Compliance with Local Laws. The Company shall comply with all applicable data protection laws and regulations in the jurisdictions where personal data is transferred, and shall cooperate with relevant authorities as required.

User Rights and Redress Mechanisms. Users shall have the right to exercise their rights regarding cross-border data transfers, including the right to access, rectify, or delete their personal data, as well as the right to lodge complaints with the relevant supervisory authorities. The Company shall provide users with appropriate redress mechanisms and complaint procedures.

Data Retention

The Company shall retain personal data collected from Users only for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by applicable laws and regulations.

The Company may retain personal data for longer periods if required by applicable laws, regulations, or legal obligations, including but not limited to tax laws, anti-money laundering regulations, or for the establishment, exercise, or defense of legal claims.

The Company shall periodically review and delete or anonymize personal data that is no longer necessary for the purposes for which it was collected, subject to the exceptions outlined in this section.

Users have the right to request the deletion of their personal data, subject to the exceptions outlined in this section. Users may submit requests for the deletion of their personal data by contacting the Company at info@viaconusa.com

The Company may retain backup copies of personal data for disaster recovery and business continuity purposes. Personal data stored in backups and archives shall be subject to the same retention policies and procedures as live data.

The Company shall require third-party vendors and service providers to comply with the Company's data retention policies or implement their own policies that meet or exceed the Company's standards.

The Company shall implement appropriate measures to securely dispose of or irreversibly anonymize personal data that is no longer required to be retained, in accordance with industry best practices and applicable laws and regulations.

User Rights

The Company respects the rights of Users concerning their personal data and provides the following mechanisms for Users to exercise these rights:

Right to Access: Users have the right to request access to their personal data held by the Company. Upon receipt of a verifiable request, the Company will provide a copy of the personal data, along with information about the purposes of processing, categories of data involved, and any recipients of the data. The Company may charge a reasonable fee for excessive or repetitive requests.

Right to Rectification: Users have the right to request correction of inaccurate or incomplete personal data. The Company will take reasonable steps to ensure the accuracy of personal data and rectify any errors upon request.

Right to Erasure (Right to be Forgotten): Users have the right to request the deletion of their personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected or when the User withdraws consent. The Company will comply with such requests, subject to certain exceptions, such as legal obligations or legitimate interests.

Right to Restrict Processing: Users have the right to request the restriction of processing of their personal data in certain circumstances, such as when the accuracy of the data is contested or when the processing is unlawful. The Company will restrict the processing of personal data as requested, except for storage purposes.

Right to Data Portability: Users have the right to receive their personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller. This right applies to personal data provided by the User and processed based on consent or contract.

Right to Object: Users have the right to object to the processing of their personal data for certain purposes, such as direct marketing or profiling. The Company will respect the User's objection and cease the processing, unless there are compelling legitimate grounds for the processing.

To exercise any of the rights outlined in this section, Users may submit a request to the Company through the designated email address or online form provided on the Company's website.

The Company may request additional information from the User to verify their identity before responding to a request.

The Company will respond to requests within a reasonable timeframe, as required by applicable laws and regulations.

The Company may refuse or limit the exercise of certain rights in specific circumstances, such as when the request is manifestly unfounded or excessive, or when the processing is necessary for legal obligations or legitimate interests. Any exceptions or limitations will be clearly communicated to the User, along with the reasons for the decision.

Cookies and Tracking Technologies

The Company uses cookies and similar tracking technologies to collect and store information about Users' interactions with the Services. Cookies are small data files that are stored on a User's device when they visit a website or use an online service.

The Company may use the following types of cookies and tracking technologies:

Session cookies: These cookies are temporary and are deleted when the User closes their browser or exits the Services.

Persistent cookies: These cookies remain stored on the User's device for a specified period of time, even after the browser is closed, and are used to remember the User's preferences and settings.

Analytics cookies: These cookies are used to collect information about how Users interact with the Services, such as the pages visited, the links clicked, and the time spent on the website.

Advertising cookies: These cookies are used to deliver targeted advertisements to Users based on their browsing history and interests.

Social media cookies: These cookies are used to enable social media functionality, such as sharing content or logging in through social media accounts.

Web beacons and pixels: These are small transparent images or code snippets that are embedded in websites or emails and are used to track User activity, such as opening emails or visiting specific pages.

The information collected through cookies and tracking technologies may include, but is not limited to, IP addresses, browsing history, device information, location data, and User preferences.

The Company may also use third-party cookies and tracking technologies from service providers, such as analytics providers (e.g., Google Analytics) and advertising networks. These third-party technologies are subject to their own privacy policies and terms of use.

Users have the ability to control and manage cookies and tracking technologies through their browser settings or other mechanisms. Users may also opt-out of certain types of cookies or tracking technologies by following the instructions provided by the Company or third-party service providers.

The Company may obtain User consent for the use of cookies and tracking technologies, as required by applicable laws or regulations.

The Company may update or modify its cookie and tracking technology practices from time to time. Users are advised to review this section periodically for any changes or updates.

For more information on managing cookies and tracking technologies, Users may refer to the guidance provided by their browser or visit third-party websites that offer opt-out tools and resources.

Data Security

The Company implements technical and organizational measures to protect the confidentiality, integrity, and availability of personal data collected from Users. These measures include, but are not limited to:

• Encryption of data in transit and at rest using industry-standard encryption protocols and algorithms.
• Access controls and authentication mechanisms, including multi-factor authentication, to ensure that only authorized personnel can access personal data.
• Firewalls and network security measures to prevent unauthorized access to the Company's systems and networks.
• Regular security audits and vulnerability assessments to identify and address potential security risks.
• Incident response and breach notification procedures to promptly respond to and mitigate the effects of any security incidents or data breaches.

The Company maintains physical and environmental security measures to protect personal data, including:

• Secure facilities and data centers with access controls and monitoring systems.
• Backup and disaster recovery measures to ensure the availability and resilience of personal data in the event of a disaster or system failure.

The Company implements personnel security measures, including:

• Background checks and security awareness training for all employees and contractors who may have access to personal data.
• Confidentiality agreements and data handling policies to ensure that personnel understand and comply with their obligations to protect personal data.
• Access restrictions and need-to-know principles to limit access to personal data to only those personnel who require it for legitimate business purposes.
• The Company conducts due diligence and security assessments of third-party vendors and service providers who may have access to personal data. The Company requires such third parties to implement appropriate security measures and contractually obligates them to comply with applicable data protection laws and regulations.
• The Company acknowledges that no security measures are perfect or impenetrable, and there are inherent risks and limitations associated with the collection, storage, and transmission of personal data. The Company shall not be liable for any unauthorized access, use, or disclosure of personal data resulting from circumstances beyond its reasonable control.
• The Company adheres to industry standards and best practices for data security, and may obtain relevant security certifications and undergo regular audits to demonstrate its commitment to data security.
• The Company regularly reviews and updates its security measures to incorporate new technologies, industry best practices, and emerging threats. The Company conducts ongoing risk assessments and implements appropriate mitigation strategies to ensure the continued protection of personal data.

Children's Privacy

The Company does not knowingly collect or solicit personal data from children under the age of 13 without verifiable parental consent. If the Company becomes aware that it has inadvertently collected personal data from a child under 13 without parental consent, it will take reasonable steps to delete such information from its records.

If the Company intends to collect personal data from children under 13, it will comply with the Children's Online Privacy Protection Act (COPPA) and other applicable laws and regulations governing the collection and use of personal data from children.

The Company will obtain verifiable parental consent before collecting, using, or disclosing personal data from children under 13.

Verifiable parental consent may be obtained through various methods, including but not limited to:

• Providing a consent form to be signed by the parent and returned to the Company;
• Requiring the parent to use a credit card or other online payment system to confirm their identity and consent;
• Obtaining a signed consent form from the parent through an email, postal mail, or facsimile communication.
• Parents or legal guardians of children under 13 have the right to review, update, or delete their child's personal data, as well as refuse further collection or use of their child's personal data.

Parents or legal guardians may exercise these rights by contacting the Company at info@viaconusa.com

The Company may disclose personal data collected from children under 13 to third parties only as permitted by COPPA and other applicable laws and regulations.

Any such disclosure will be subject to appropriate safeguards and restrictions to protect the privacy and security of children's personal data.

The Company will retain personal data collected from children under 13 only for as long as necessary to fulfill the purposes for which it was collected, or as required by law.

Upon request from a parent or legal guardian, or when the personal data is no longer necessary for its intended purposes, the Company will take reasonable steps to delete or anonymize the personal data of children under 13.

The Company will maintain reasonable procedures to protect the confidentiality, security, and integrity of personal data collected from children under 13.

Any violations or concerns regarding the Company's practices related to children's privacy should be reported to info@viaconusa.com

Third-Party Links and Services

The Company's Services may contain links to or integrate with third-party websites, applications, or services (collectively, "Third-Party Services"). These Third-Party Services are not under the Company's control, and the Company is not responsible for the content, security, or privacy practices of any Third-Party Services.

The inclusion of links to or integration with Third-Party Services does not imply endorsement or control by the Company over such Third-Party Services. The Company has no control over the content, security, or privacy practices of Third-Party Services and shall not be liable for any damages, losses, or liabilities arising from the use of such Third-Party Services.

Third-Party Services may have their own privacy policies and terms of use, which Users should review and understand before using such Third-Party Services. Users access and use Third-Party Services at their own risk.

The Company reserves the right to terminate any links or integration with Third-Party Services at any time without notice.

Users are solely responsible for their interactions and transactions with Third-Party Services. Users should exercise caution and good judgment when accessing and using Third-Party Services.

Changes to the Privacy Policy

The Company reserves the right to modify, update, or amend this Privacy Policy at any time and for any reason, including to reflect changes in applicable laws, regulations, or industry standards, or to address changes in the Company's business practices or the Services offered.

Any changes to this Privacy Policy will become effective immediately upon posting the revised Privacy Policy on the Company's website or through the Services.

The Company will notify Users of any material changes to this Privacy Policy by posting a notice on the Company's website, sending an email notification to registered Users, or displaying a prominent notice within the Services.

Users' continued use of the Services after the effective date of any changes to this Privacy Policy constitutes acceptance of the revised Privacy Policy. If a User does not agree with the changes, they should discontinue using the Services.

Users are encouraged to review this Privacy Policy periodically for any updates or changes.

Any questions or concerns regarding this Privacy Policy or any changes made to it should be directed to the Company at info@viaconusa.com

This Privacy Policy and any disputes arising from it shall be governed by and construed in accordance with the laws of the State of Delaware, United States of America, without regard to its conflict of law principles. Any legal action or proceeding arising out of or relating to this Privacy Policy shall be brought exclusively in the state or federal courts located in Delaware, and each party consents to the jurisdiction of such courts.

Contact Information

Users may contact the Company regarding any questions, concerns, or requests related to this Privacy Policy or the Company's data practices using the following contact information:

Physical Address:8 The Green STE D, Kent County, Dover, Delaware - 19901-3618

Email Address: info@viaconusa.com

To submit a request or inquiry related to their personal data, such as an access request, deletion request, or objection to data processing, Users should provide the following information:

• Full name
• Email address associated with their interaction with the Company
• Detailed description of the request or inquiry
• Any additional information or documentation required by the Company to process the request or inquiry
• The Company will make reasonable efforts to respond to privacy-related inquiries or requests from Users within 30 days.
• Privacy-related inquiries or requests can be submitted in English.

Users will be notified of any changes or updates to the contact information provided in this section through and update through this Privacy Policy.

Governing Law and Jurisdiction

This Privacy Policy shall be governed by and construed in accordance with the laws of the State of Delaware, United States of America, without regard to its conflict of laws principles.

Any legal action or proceeding relating to this Privacy Policy shall be brought exclusively in the state or federal courts located in Delaware, and each party hereby irrevocably submits to the personal jurisdiction of such courts.

The venue for any legal action or proceeding relating to this Privacy Policy shall be in the appropriate state or federal court located in Delaware.

If any provision of this Privacy Policy is found to be invalid or unenforceable, the remaining provisions shall remain in full force and effect.

This Privacy Policy, together with any other agreements or policies referenced herein, constitutes the entire agreement between the parties regarding the subject matter hereof.

The failure of the Company to exercise or enforce any right or provision of this Privacy Policy shall not constitute a waiver of such right or provision.

The Company reserves the right to modify or update this Privacy Policy at any time, and Users will be notified of any material changes.

This Privacy Policy, and any rights or obligations hereunder, may not be assigned or transferred by the User without the prior written consent of the Company.

Last Updated 19^th July 2025.