1. Introduction

COREIOT PTY LTD ("we", "our", or "us") operates the SmartShopFloor platform and website (smartshopfloor.com). We are committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our platform, or engage with our services.

2. Data Controller

COREIOT PTY LTD is the data controller responsible for your personal data. Data Protection Officer (DPO): Nisarg Shah Email: Nisarg.shah@coreiot.com Phone: 0861026590 Address: 1/294-296 Newcastle St, Perth WA 6000, Australia

3. Information We Collect

We collect personal information that you voluntarily provide to us when you register for the platform, express interest in our products and services, participate in activities on the platform, or contact us. This includes: • Name, email address, phone number, and company name • Job title and role within your organisation • Billing and payment information • Usage data and analytics from our platform • Communication preferences • Technical data including IP address, browser type, device information, and operating system • Cookies and similar tracking technologies

4. How We Use Your Information

We use the information we collect for the following purposes: • To provide, operate, and maintain our platform and services • To improve, personalise, and expand our services • To process transactions and manage your account • To send administrative information, updates, and security alerts • To respond to enquiries, support requests, and provide customer service • To send marketing and promotional communications (with your consent) • To analyse usage patterns and optimise user experience • To detect, prevent, and address technical issues and security threats • To comply with legal obligations and enforce our terms

5. Legal Basis for Processing

We process your personal data on the following legal bases: • Contractual Necessity: Processing necessary for the performance of our contract with you • Legitimate Interests: Processing necessary for our legitimate business interests, such as improving our services, fraud prevention, and network security • Consent: Where you have given consent for specific processing activities • Legal Obligation: Processing necessary to comply with applicable laws and regulations

6. Data Sharing and Disclosure

We may share your information with: • Service Providers: Third-party vendors who perform services on our behalf, such as cloud hosting (e.g., AWS, Azure), payment processing, analytics, and customer support tools • Business Partners: Trusted partners with whom we collaborate to deliver services • Legal Requirements: When required by law, subpoena, or legal process • Business Transfers: In connection with a merger, acquisition, or sale of assets We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

7. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements. When determining the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, and applicable legal requirements.

8. Data Security

We implement industry-standard security measures to protect your personal information, including: • Encryption of data in transit (TLS/SSL) and at rest (AES-256) • Access controls and authentication mechanisms • Regular security assessments and penetration testing • ISO/IEC 27001:2013 certified information security management system • ISO 9001:2015 certified quality management system • Regular employee training on data protection and security practices While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data: • Right of Access: Request a copy of the personal data we hold about you • Right to Rectification: Request correction of inaccurate or incomplete data • Right to Erasure: Request deletion of your personal data • Right to Restrict Processing: Request limitation of processing of your data • Right to Data Portability: Request transfer of your data to another service provider • Right to Object: Object to processing based on legitimate interests • Right to Withdraw Consent: Where processing is based on consent To exercise any of these rights, please contact our Data Protection Officer.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and track information and to improve and analyse our services. Cookies are small data files placed on your device. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, some features of our platform may not function properly without cookies. We use: • Essential Cookies: Required for platform operation • Analytics Cookies: To understand usage patterns (e.g., Google Analytics) • Marketing Cookies: To deliver relevant advertisements (with your consent)

11. International Data Transfers

Your information may be transferred to and processed in countries other than Australia. We ensure that appropriate safeguards are in place to protect your personal data in accordance with this Privacy Policy and applicable data protection laws, including the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth).

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Modified" date. You are advised to review this Privacy Policy periodically for any changes.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us: COREIOT PTY LTD Data Protection Officer: Nisarg Shah Email: Nisarg.shah@coreiot.com Phone: 0861026590 Address: 1/294-296 Newcastle St, Perth WA 6000, Australia