Welcome to Happy Club United (hereinafter the “APP”). This policy applies to you and Happy Club

Discounts Ltd, irrespective of your country of residence or location.

This Policy describes our privacy practices in plain language, keeping legal and technical jargon to a

minimum to make sure you understand the information we collect, why we collect it, how it is used

and your choices regarding your information.

This Privacy Policy sits in line with Trinidad and Tobago`s Data Protection Act (DPA) and the

General Data Protection Regulation (GDPR).

The Data Controller

The person that is responsible for your information under this Privacy Policy (the “data controller”) is:

Happy Club Discounts Ltd

Lot 10 Emerald Lane Cunupia,

Trinidad and Tobago

E-Mail: info@happyclubunited.com

Web: www.happyclubunited.com

Overview of processing operations

The following overview summarises the types of data processed and the purposes of their processing

and refers to the data subjects.

Types of data processed

● Inventory data

● Content data

● Contact data

● Identity data

● Financial data

● Meta/communication data

● Usage data

Purposes of the processing

● Provision of the APP and user experience

● Contact requests and communication

● Security measures

● Provision of contractual services and customer services

● Administration and response to enquiries

Relevant legal basis

In the following, we inform you about the legal basis of the DPA and the GDPR on the basis of which

we process personal data. If more specific legal bases apply in individual cases, we will inform you of

these separately.

o Consent - The data subject has given his/her consent to the processing of personal data

relating to him/her for a specific purpose or purposes.

o Performance of a contract and pre-contractual enquiries - Processing is necessary for the

performance of a contract to which the data subject is a party or for the performance of

pre-contractual measures carried out at the data subject's request.

o Legitimate interests - Processing is necessary for the purposes of the legitimate interests

of the controller or a third party, unless such interests are overridden by the interests or

fundamental rights and freedoms of the data subject which require the protection of

personal data.

Security measures

We take appropriate technical and organisational measures in accordance with the law, taking into

account the state of the art, the costs of implementation and the nature, scope, circumstances and

purposes of the processing, as well as the different probabilities of occurrence and the level of threat

to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the

risk.

The measures include, in particular, ensuring the confidentiality, integrity and availability of data by

controlling physical and electronic access to the data as well as access to, input of, disclosure of,

assurance of availability of and segregation of the data. We also have procedures in place to ensure the

exercise of data subjects' rights, the deletion of data and responses to data compromise. Furthermore,

we already take the protection of personal data into account in the development or selection of

hardware, software and procedures in accordance with the principle of data protection, through

technology design and through data protection-friendly default settings.

However, you must understand that no Internet transmission is completely secure. Therefore, we can

never guarantee that unauthorised access, hacking, data loss and other incidents can be completely

excluded.

Your rights

The data protection laws in your country may give you the following rights:

● Right to information: what personal data a company processes and why (this policy).

● Right of access: You can request information about data collected.

● Right to rectification: If data collected is not correct, you can ask for it to be corrected.

● Right to erasure: Under certain circumstances, you can request the erasure of your data.

● Right to restriction of processing: In certain circumstances, you can request the further

processing of your data, but the data will remain stored.

● Right to data portability: You can have the data collected about you transferred to another

provider in a machine-readable format.

● Right to object: In certain circumstances (including where your data is processed on the basis

of legitimate interests or for marketing purposes) you may object to processing.

● Rights in relation to automated case-by-case decisions, including profiling: This includes

several rights where data is processed solely by automated means, and this has a legal or

significant impact on an individual. In these circumstances, you have, among other things, the

right to human intervention in the decision-making process.

If you wish to exercise any of the rights listed above, you can contact us by email at

info@happyclubunited.com. For your protection and the protection of all our users, we may need to

request certain information from you to help us confirm your identity before we can respond to the

above requests.

If you feel that we have not resolved your concern, you have the right to make a complaint at any

time. You can also contact your local data protection supervisory authority. We would, however,

appreciate the chance to deal with your concerns before you approach any supervisory authority.

Do you have to provide personal data?

The term ‘personal data’ as used in this section refers to (i) an individual’s name, picture,

geographical location, gender, marital status, age, date of birth, country and phone number (ii) credit

or debit card information, average spending (iii) internet protocol (IP) address (iv) biometric

characteristics. The provision of personal data is neither legally nor contractually required, nor is it

necessary for the conclusion of a contract. You are also not obliged to provide the personal data.

However, failure to provide the data could result in you not being able to use our APP or not being

able to use it to its full extent. The legal basis for this data processing is consent.

Installation of our APP

The App can be downloaded and installed from the "Google Playstore" and "Apple App Store".

Downloading the App may require prior registration with the respective App store and/or installation

of the respective App store software.

As far as we are aware, Google collects and processes the following data: License check, network

access, network connection, WLAN connections, and location information. And Apple collects and

processes the following data: device identifiers, IP addresses, and location information.

It cannot be ruled out that Google and Apple also transmit the information collected to a server in a

third country. We cannot influence which personal data Google and Apple processes with your

registration and the provision of downloads in the respective App store and App store software. The

responsible parties in this respect are solely Google and Apple.

Google and Apple may collect information from and about the device(s) you use to access our APP,

including hardware and software information such as IP address, device ID and type, device-specific

and app settings and properties, APP crashes, advertising IDs information about your wireless and

mobile network connection such as your service provider and signal strength; information about

device sensors such as accelerometer, gyroscope, and compass.

Firebase

We use the Google Firebase developer platform and related features and services provided by Google

Inc. Google Firebase is a platform for developers of apps for mobile devices. The Google Firebase

developer platform offers a variety of features. A list of these features can be found at:

https://firebase.google.com/terms/. Firebase's key security and privacy information can be found

here: https://firebase.google.com/support/privacy

Push Notifications

This Mobile Application includes push notifications as a method of electronic mobile communication.

By agreeing to this Policy, you consent to receive push notifications from the application. The

notifications may be delivered to your device even when the App is running in the background. You

have the ability, and it is your responsibility, to control the notifications you do, or do not, receive

through your device.You can opt out of receiving push notifications through your device settings. It is

your responsibility to keep your personal information secure when using this feature.

Cookies and Web Beacons

We may use cookies, web beacons, tracking pixels, and other tracking technologies on the Application

to help customize the Application and improve your experience. When you access the Application,

your personal information is not collected through the use of tracking technology. Most browsers are

set to accept cookies by default. You can remove or reject cookies, but be aware that such action could

affect the availability and functionality of the Application. You may not decline web beacons.

However, they can be rendered ineffective by declining all cookies or by modifying your web

browser’s settings to notify you each time a cookie is tendered, permitting you to accept or decline

cookies on an individual basis.

Authorisations and Access

We may request access or permission to certain functions from your mobile device. Those are:

● your geo-location for showing you the nearest venue,

● a user's device token to facilitate the One-time password (OTP) function, and

● Push notifications to keep subscribers updated about news and Happy Club in general.

The legal basis for data processing is our legitimate interest and the provision of contractual or

pre-contractual measures. You can change your permissions at any time via the Settings Menu of your

device.

Contacting Us

If you contact us and send us general enquiries the contact details you provide, will be stored, and

used by us to fulfil the purpose associated with the transmission, e.g., to process your enquiry or in the

event of follow-up questions.

The basis for this storage and use of your personal data is your consent which you give us by sending

us a message. Insofar as you provide us with your personal data for the purpose of responding to your

questions, the entry of personal data is required as without this information, we cannot process your

request.

You have the right to revoke your consent to the data processing described above at any time with

effect for the future. In this case, we will no longer process your data. Your personal data will be

deleted even without your revocation in any case if we have processed your request or if the storage is

inadmissible for other legal reasons.

Creating an account and a profile

A user profile will be created for you based on the information you provide during the sign up (your

Email and Password). You have the option of adjusting, changing, or deleting the information in your

account and profile to edit within the app or by contacting us. The data processing carried out in this

context is necessary to provide our service on the basis of the requests made by you. We store the data

until you delete your account. Insofar as legal retention periods are to be observed, storage also takes

place beyond the time of deletion of a user account.

Purchases and Payment Details

When you subscribe through the APP’s web portal, we may collect the following data from you to

process the desired order:

● Email address and Password

● Invoice records including; payment confirmation from the payment data collected by our

payment processor depending on the payment method

● Billing address

● Payment Method

● Cardholder or account holder name

● Payment amount

● Payment date

How we share information

We may share some user information with service providers and partners who help us operate the

Services, and in some cases with legal authorities.

We use third parties to help us operate and improve our services. These third parties assist us with

various tasks, including data hosting and maintenance, customer support, marketing, and security

measures.

We follow a rigorous vetting process before engaging a service provider or working with a partner. All

our service providers and partners should commit to strict confidentiality.

We may transfer your information if:

● we are involved in whole or in part in a merger, sale, acquisition, divestiture, restructuring,

reorganisation, dissolution, bankruptcy or other change of ownership or control.

● reasonably necessary: (i) to comply with a legal process, such as a court order, subpoena or

search warrant, government/legal investigation, or other legal requirement; (ii) to assist in the

prevention or detection of crime (in each case, subject to applicable law); or (iii) to protect the

safety of any person.

● disclosure would reduce our liability in actual or threatened litigation; (ii) if necessary to

protect our legal rights and the legal rights of our users, business partners or other interested

parties; (iii) to enforce our agreements with you; and (iv) to investigate, prevent, or take other

action regarding illegal activities, suspected fraud or other misconduct.

We may ask for your consent to share your information with third parties. In any such case, we will

make clear why we want to share the information.

We may use and share non-personal information such as device information, general demographic

information, general behavioural information, and personal information in hashed, non-human

readable form in the above circumstances.

Uninstall

You can stop the collection of information by the APP by uninstalling it using the standard uninstall

procedure for your device.

Storage and retention

Unless a more specific retention period is stated within this privacy policy, we will retain your

personal data on our server until the purpose for processing it no longer applies. If you assert a

legitimate request for deletion or revoke your consent to data processing, your data will be deleted

unless we have other legally permissible reasons for storing your personal data (e.g., retention periods

under tax or commercial law); in the latter case, the data will be deleted once these reasons no longer

apply.

Data Breaches/Notification

Databases or data sets that include Personal Data may be breached inadvertently or through wrongful

intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose

Personal Data may have been compromised, and the notice will be accompanied by a description of

action being taken to reconcile any damage as a result of the data breach. Notices will be provided as

expeditiously as possible after which the breach was discovered.

Updating your information

If you believe that the information, we hold about you is inaccurate or that we are no longer entitled to

use it and want to request its rectification, deletion, or object to its processing, please do so in your

account or contact us. For your protection and the protection of all of our users, we may ask you to

provide proof of identity before we can answer the above requests.

Exercising your rights

If you wish to access your personal data or exercise any of the rights listed above, you should apply in

writing, providing evidence of your identity. Any communication from us in relation to your rights as

detailed above will be provided free of charge. However, in case of requests that are manifestly

unfounded or excessive, in particular because of their repetitive character, we may charge a reasonable

fee taking into account the administrative costs of providing the information or communication or

taking the action requested; or refuse to act on the request.

Insofar as you have given us consent to process personal data for specific purposes, the lawfulness of

this processing is given on the basis of your consent. Consent given can be revoked at any time.

Automated individual decision-making including profiling

We do not make automated decisions in individual cases, including profiling.

Accuracy

It is important that the data we hold about you is accurate and current, therefore please keep us

informed of any changes to your personal data.

Changes, Queries and Complaints

This policy and our commitment to protecting the privacy of your personal data can result in changes

to this policy. Please regularly review this policy to keep up to date. Any comments or queries on this

policy should be directed to us. If you believe that we have not complied with this policy or acted

otherwise than in accordance with data protection law, then you should notify us. Furthermore, you

will be deemed to have been made aware of, will be subject to, and will be deemed to have accepted

the changes in any revised Privacy Policy by your continued use of the Application after the date such

revised Privacy Policy is posted.