LEONESSA

PRIVACY POLICY

Last Updated: February 28, 2026

1. SCOPE AND APPLICABLE LAWS

This Privacy Policy describes how Leonessa Global Technology CO.,LTD. (“Company,” “we,” “us,” or “our”) collects, uses, discloses, and safeguards your information when you use our website and services (collectively, the “Services”).  Leonessa Global Technology CO.,LTD. acts as the data controller responsible for the processing of personal information described in this Privacy Policy.

If you do not agree with this Privacy Policy, please do not use our Services.

This Privacy Policy is designed to comply with applicable data protection laws, including:

- The EU General Data Protection Regulation (GDPR)

- The UK GDPR and Data Protection Act 2018

- The California Consumer Privacy Act (CCPA) as amended by CPRA

- Other applicable U.S. state privacy laws

- Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA)

- Australia’s Privacy Act 1988 and the Australian Privacy Principles (APPs)

- New Zealand Privacy Act 2020

- Applicable data protection laws of Middle East jurisdictions, including the United Arab Emirates, Kingdom of Saudi Arabia, Qatar, and Bahrain

If you are located in the European Economic Area (EEA), United Kingdom, California, Canada, or another jurisdiction with specific privacy laws, additional rights may apply to you as described below.

2. INFORMATION WE COLLECT

A. Information You Provide to Us

We may collect personal information you voluntarily provide, including:

- Name

- Email address

- Account credentials

- Communications you send to us

- Any other information you submit through forms or account registration

You are responsible for ensuring that the information you provide is accurate and up to date.

B. Information Automatically Collected

When you access our Services, we automatically collect certain technical information, including:

- IP address

- Device type and identifiers

- Browser type and version

- Operating system

- Language preferences

- Referring URLs

- Usage data and interaction data

- Approximate geographic location

This data does not directly identify you but may be considered personal data under certain laws.

C. Information from Third Parties

If you log in using social login features from:

- Facebook

- X

- TikTok

We may receive limited profile information such as:

- Name

- Email address

- Profile image

- Public account information

We use this information solely to authenticate your account and provide Services. We do not control how these platforms process your information.

3. HOW WE USE YOUR INFORMATION

We process your personal information for the following purposes:

- To provide and operate our Services

- To create and manage user accounts

- To communicate with you

- To provide customer support

- To monitor performance and improve functionality

- To ensure security and prevent fraud

- To comply with legal obligations

We do not sell your personal information.

We do not share personal information with advertisers for independent marketing use.

4. LEGAL BASES FOR PROCESSING (EU/UK USERS)

If you are located in the EEA or UK, we rely on:

- Contractual necessity (to provide Services)

- Legitimate interests (analytics, security, service improvement)

- Legal obligations

- Consent (where required, including certain cookies)

You may withdraw consent at any time.

5. COOKIES AND TRACKING TECHNOLOGIES

We use cookies, pixels, and analytics tools for:

- Site functionality

- Security

- Performance monitoring

- Internal analytics

We may use third-party service providers hosted on cloud infrastructure such as services operated by Amazon Web Services.

Where required by law, we obtain consent before placing non-essential cookies. You may control cookies through your browser settings.

6. DATA SHARING AND DISCLOSURE

We may share personal information with:

- Cloud hosting providers

- Analytics service providers

- Security and fraud detection providers

- Professional advisors

- Legal authorities when required

We do not sell personal data.

We do not share personal data with third-party advertisers for their own marketing purposes.

7. INTERNATIONAL DATA TRANSFERS

Your data may be:

- Stored on international cloud servers

- Accessed by authorized employees located in China

We implement safeguards consistent with GDPR requirements, including:

- Standard contractual clauses (where required)

- Contractual confidentiality and security obligations

By using our Services, you acknowledge that your information may be processed outside your country of residence. Where personal information is disclosed to overseas recipients, we take reasonable steps to ensure such recipients handle personal information in a manner consistent with applicable privacy laws and appropriate data protection standards.

8. DATA RETENTION

We retain personal information only as long as necessary to:

- Fulfill the purposes described in this policy

- Comply with legal obligations

- Resolve disputes

- Enforce agreements

When no longer required, we securely delete or anonymize your information.

9. SECURITY MEASURES

We implement appropriate technical and organizational safeguards, including:

- Encryption in transit

- Access controls

- Authentication mechanisms

- Secure cloud infrastructure

- Monitoring and auditing systems

However, no method of transmission over the Internet is 100% secure.

10. CHILDREN’S PRIVACY

Our Services are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13.

11. YOUR PRIVACY RIGHTS

Depending on your jurisdiction, you may have the right to:

- Access your personal data

- Correct inaccurate data

- Delete your data

- Restrict processing

- Object to processing

- Data portability

- Withdraw consent

- Opt out of certain processing activities

California Residents

Under CCPA/CPRA, California residents may:

- Request disclosure of categories and specific pieces of data collected

- Request deletion of personal data

- Correct inaccurate information

- Opt out of sale (we do not sell data)

EU/UK Residents

You have the right to lodge a complaint with your local data protection authority.

Canadian Residents

You may request access to or correction of your personal information under PIPEDA.

To exercise any rights, contact: [email protected]

Australia and New Zealand Residents

If you are located in Australia or New Zealand and believe we have not addressed your privacy concerns, you may lodge a complaint with your local privacy regulator or data protection authority in accordance with applicable law.

Middle East Jurisdictions

Users located in certain Middle East jurisdictions may have additional rights under applicable data protection laws, including rights to access, correction, or deletion of personal data, subject to local legal requirements.

12. DO-NOT-TRACK SIGNALS

We currently do not respond to Do-Not-Track (DNT) browser signals.

13. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time.

Material changes will be communicated via:

- Website notice

- Direct communication where appropriate

14. CONTACT INFORMATION

Leonessa Global Technology CO.,LTD.

Email: [email protected]

For privacy or data protection inquiries, including requests to exercise legal rights, you may contact us in English at the email above.